SSH Command Reference Sheet

Basic SSH Commands

Command	Description
`ssh user@host`	Connect to a remote host as a specific user.
`ssh -p port user@host`	Connect using a non-default port.
`ssh host`	Connect to a remote host using default username.
`ssh -i /path/to/key user@host`	Connect using a specific private key file.
`ssh-copy-id user@host`	Install your public key on a remote host for passwordless login.
`ssh -v user@host`	Connect with verbose output for debugging.
`ssh -X user@host`	Enable X11 forwarding for GUI applications.

SSH Key Management

ssh-keygen -t rsa -b 4096 -C "[email protected]" - Generate an RSA key pair with 4096 bits.
ssh-keygen -t ed25519 -C "[email protected]" - Generate an ED25519 key pair (recommended for new keys).
ssh-add ~/.ssh/id_ed25519 - Add a private key to the SSH authentication agent.
ssh-agent bash - Start a new shell with the SSH agent.
ssh-add -l - List keys added to the SSH agent.
ssh-keygen -p -f ~/.ssh/id_rsa - Change the passphrase of a private key.
ssh-keygen -y -f ~/.ssh/id_rsa > id_rsa.pub - Generate a public key from a private key.

SSH Configuration File (`~/.ssh/config`)

Create a configuration file to simplify SSH commands:

Host shortname
    HostName example.com
    User username
    Port 2222
    IdentityFile ~/.ssh/id_ed25519
    ForwardAgent yes

Usage:

Now you can connect using ssh shortname instead of the full command.

SSH Tunneling and Port Forwarding

Local Port Forwarding

Forward a port from the local machine to the remote server.

ssh -L local_port:destination_host:destination_port user@remote_host

Example: Access a database on a remote server's network:

ssh -L 3306:db.internal.local:3306 user@remote_host

Now, you can connect to localhost:3306 to access the remote database.

Remote Port Forwarding

Forward a port from the remote server to the local machine.

ssh -R remote_port:destination_host:destination_port user@remote_host

Example: Allow the remote host to access a service running on your local machine:

ssh -R 8080:localhost:3000 user@remote_host

The remote host can now access your local service via localhost:8080.

Dynamic Port Forwarding (SOCKS Proxy)

Create a SOCKS proxy on the local machine that routes traffic through the SSH server.

ssh -D local_port user@remote_host

Example: Set up a SOCKS proxy on port 1080:

ssh -D 1080 user@remote_host

Configure your applications to use localhost:1080 as a SOCKS proxy.

SSH Multiplexing

Reuse SSH connections to improve performance.

Host *
    ControlMaster auto
    ControlPath ~/.ssh/ssh_mux_%h_%p_%r
    ControlPersist 10m

With this configuration in ~/.ssh/config, SSH connections to the same host will be reused for 10 minutes.

SSH Jump Hosts (ProxyJump)

Connect to a remote server via an intermediate SSH server.

ssh -J user@jump_host user@destination_host

Example: Connect to a server behind a firewall using a jump host:

ssh -J [email protected] [email protected]

You can also configure this in ~/.ssh/config:

Host internal
    HostName internal.example.com
    User user
    ProxyJump [email protected]

Now, connect using ssh internal.

SSH File Transfers

SCP (Secure Copy)

scp local_file user@remote_host:/remote/path/ - Copy a file from local to remote.
scp user@remote_host:/remote/file /local/path/ - Copy a file from remote to local.
scp -r local_dir user@remote_host:/remote/path/ - Recursively copy a directory.
scp -P port local_file user@remote_host:/remote/path/ - Specify a custom SSH port.

SFTP (SSH File Transfer Protocol)

sftp user@remote_host - Start an interactive SFTP session.
put local_file - Upload a file in SFTP session.
get remote_file - Download a file in SFTP session.
mput local_files - Upload multiple files.
mget remote_files - Download multiple files.

SSH Control and Management

ssh -f -N user@host - Run SSH in the background without executing a remote command.
ssh -C user@host - Enable compression.
ssh -o Option=value user@host - Specify SSH options on the command line.
ssh -T user@host - Disable pseudo-terminal allocation.
ssh-keyscan host - Retrieve the public key of a host.

Advanced SSH Examples

Mount Remote Directory with SSHFS

Mount a remote directory over SSH:

sshfs user@remote_host:/remote/path /local/mountpoint

Unmount:

fusermount -u /local/mountpoint

SSH Socks Proxy for Browser

Set up a SOCKS proxy and configure your web browser to use it for secure browsing:

ssh -D 8080 -C user@remote_host

Configure your browser's proxy settings to use localhost on port 8080 as a SOCKS v5 proxy.

Run Remote Command Non-Interactively

Execute a command on a remote server without logging in:

ssh user@remote_host 'ls -la /var/www'

SSH Port Knocking

If your server uses port knocking for security, use the following sequence:

for x in port1 port2 port3; do nmap -Pn --host_timeout 100 --max-retries 0 -p $x your.server.com; done
ssh [email protected]

Security Best Practices

Disable Root Login: Edit /etc/ssh/sshd_config and set PermitRootLogin no.
Change Default Port: Change the Port directive in /etc/ssh/sshd_config to a non-standard port.
Use Public Key Authentication: Disable password authentication by setting PasswordAuthentication no in sshd_config.
Enable Two-Factor Authentication: Integrate with tools like Google Authenticator or Duo Security.
Restrict Users: Use the AllowUsers or DenyUsers directives to control who can log in.

Troubleshooting

ssh -vvv user@host - Enable verbose mode to debug connection issues.
Check /var/log/auth.log or /var/log/secure on the server for authentication errors.
Ensure correct permissions on ~/.ssh and key files (chmod 700 ~/.ssh, chmod 600 ~/.ssh/id_rsa).
Verify the SSH service is running: sudo systemctl status sshd or sudo service ssh status.
Test network connectivity: ping remote_host, telnet remote_host port.

Return to Home