cheat.sheets:ssh
# ssh
# OpenSSH SSH client (remote login program)
# SSH in via PEM file, which normally needs 0600 permissions.
ssh -i /path/to/file.pem user@example.com
# Connect through a non-standard port. It's recommended not to use the default
# port of 22, as it is so often targeted, due to it being so commonplace.
ssh -p 2222 user@example.com
# Connect and forward the authentication agent.
ssh -A user@example.com
# Execute a command on a remote server.
ssh -t user@example.com 'the-remote-command'
# Tunnel an X session over SSH, via X11 Forwarding.
ssh -X user@example.com
# Redirect traffic with a tunnel between local host (port 8080) and a remote
# host (remote.example.com:5000) through a proxy (personal.server.com).
ssh -f -L 8080:remote.example.com:5000 user@personal.server.com -N
# Launch a specific X application over SSH.
ssh -X -t user@example.com 'chromium-browser'
# Create a SOCKS proxy on localhost and port 9999.
ssh -D 9999 user@example.com
# Connect to server, but allow for X11 forwarding, while also using Gzip
# compression (can be much faster; YMMV), and using the `blowfish` encryption.
# For more information, see: http://unix.stackexchange.com/q/12755/44856
ssh -XCc blowfish user@example.com
# Copy files and directories, via SSH, from remote host to the current working
# directory, with Gzip compression. An option for when `rsync` isn't available.
#
# This works by creating (not temporary!) a remote Tar archive, then piping its
# output to a local Tar process, which then extracts it to STDOUT.
ssh user@example.com 'tar -C /var/www/Shared/ zcf - asset1 asset2' | tar zxf -
# Explicitly specify a key for connection. Useful if you have too many
# authentication failures for a given username.
ssh -i some_id_rsa -o IdentitiesOnly=yes them@there:/path/
# Temporarily disable `pubkey` authentication for this instance.
ssh -o PubkeyAuthentication=no username@hostname.com
# Mount a remote directory or filesystem, through SSH, to a local mount point.
# Install SSHFS from: https://github.com/libfuse/sshfs
sshfs name@server:/path/to/folder /path/to/mount/point
# EMACS can read files through SSH. Below, is a link to related documentation.
#
# http://www.gnu.org/software/emacs/manual/html_node/emacs/Remote-Files.html
#
emacs /ssh:name@server:/path/to/file
# Get help for SSH escape sequences. Useful for terminating unresponsive
# sessions. The default escape character is ~ (tilde), escapes are only
# recognized immediately after a newline.
$ <Enter>~?
cheat:ssh
---
tags: [ ssh ]
---
# To ssh via pem file (which normally needs 0600 permissions):
ssh -i <pemfile> <user>@<host>
# To connect on a non-standard port:
ssh -p <port> <user>@<host>
# To connect and forward the authentication agent:
ssh -A <user>@<host>
# To execute a command on a remote server:
ssh -t <user>@<host> 'the-remote-command'
# To connect to a host with a specific key exchange algorithm:
# Full list of available algorithms : man ssh_config
ssh -oKeXAlgorithms=+diffie-hellman-group-exchange-sha1 <user>@<server>
# To tunnel an x session over SSH:
ssh -X <user>@<host>
# Redirect traffic with a tunnel between local host (port 8080) and a remote
# host (remote.example.com:5000) through a proxy (personal.server.com):
ssh -f -L 8080:remote.example.com:5000 user@personal.server.com -N
# To launch a specific x application over SSH:
ssh -X -t <user>@<host> 'chromium-browser'
# To create a SOCKS proxy on localhost and <port>:
ssh -qND <port> <user>@<host>
# To tunnel an ssh session over the SOCKS proxy on localhost and port 9999:
ssh -o "ProxyCommand nc -x 127.0.0.1:9999 -X 4 %h %p" <user>@<host>
# -X use an xsession, -C compress data, "-c blowfish" use the encryption blowfish:
ssh <user>@<host> -C -c blowfish -X
# For more information, see:
# http://unix.stackexchange.com/q/12755/44856
# To copy files and folders through ssh from remote host to pwd with tar.gz
# compression when there is no rsync command available:
ssh <user>@<host> "cd /var/www/Shared/; tar zcf - asset1 asset2" | tar zxf -
# To mount folder/filesystem through SSH
# Install SSHFS from https://github.com/libfuse/sshfs
# Will allow you to mount a folder securely over a network.
sshfs <user>@<host>:/path/to/folder /path/to/mount/point
# Emacs can read file through SSH
# Doc: http://www.gnu.org/software/emacs/manual/html_node/emacs/Remote-Files.html
emacs /ssh:<user>@<host>:<file>
tldr:ssh
# ssh
# Secure Shell is a protocol used to securely log onto remote systems.
# It can be used for logging or executing commands on a remote server.
# More information: <https://man.openbsd.org/ssh>.
# Connect to a remote server:
ssh username@remote_host
# Connect to a remote server with a specific identity (private key):
ssh -i path/to/key_file username@remote_host
# Connect to a remote server using a specific port:
ssh username@remote_host -p 2222
# Run a command on a remote server with a [t]ty allocation allowing interaction with the remote command:
ssh username@remote_host -t command command_arguments
# SSH tunneling: Dynamic port forwarding (SOCKS proxy on `localhost:1080`):
ssh -D 1080 username@remote_host
# SSH tunneling: Forward a specific port (`localhost:9999` to `example.org:80`) along with disabling pseudo-[T]ty allocation and executio[N] of remote commands:
ssh -L 9999:example.org:80 -N -T username@remote_host
# SSH jumping: Connect through a jumphost to a remote server (Multiple jump hops may be specified separated by comma characters):
ssh -J username@jump_host username@remote_host
# Agent forwarding: Forward the authentication information to the remote machine (see `man ssh_config` for available options):
ssh -A username@remote_host
$
cheat.sh