title: SSH date: 2021-01-27 11:48:05 background: bg-blue-400 tags: - protocol - remote - network - 22 categories: - Linux Command intro: | This quick reference cheat sheet provides various for using SSH.

Getting Started

Connecting

Connect to a server (default port 22)

$ ssh root@192.168.1.5

Connect on a specific port

$ ssh root@192.168.1.5 -p 6222

Connect via pem file (0400 permissions)

$ ssh -i /path/file.pem root@192.168.1.5

See: SSH Permissions

Executing

Executes remote command

$ ssh root@192.168.1.5 'ls -l'

Invoke a local script

$ ssh root@192.168.1.5 bash < script.sh

Compresses and downloads from a server

$ ssh root@192.168.1.5 "tar cvzf - ~/source" > output.tgz

SCP {.row-span-2}

Copies from remote to local

$ scp user@server:/dir/file.ext dest/

Copies between two servers

$ scp user@server:/file user@server:/dir

Copies from local to remote

$ scp dest/file.ext user@server:/dir

Copies a whole folder

$ scp -r user@server:/dir dest/

Copies all files from a folder

$ scp user@server:/dir/* dest/

Copies from a server folder to the current folder

$ scp user@server:/dir/* .

Config location

File Path Description
/etc/ssh/ssh_config System-wide config
~/.ssh/config User-specific config
~/.ssh/id_{type} Private key
~/.ssh/id_{type}.pub Public key
~/.ssh/known_hosts Logged in host
~/.ssh/authorized_keys Authorized login key

SCP Options

Options Description
scp -r Recursively copy entire directories
scp -C Compresses data
scp -v Prints verbose info
scp -P 8080 Uses a specific Port
scp -B Batch mode (Prevents password)
scp -p Preserves times and modes

Config sample

Host server1 
    HostName 192.168.1.5
    User root
    Port 22
    IdentityFile ~/.ssh/server1.key

Launch by alias

$ ssh server1

See: Full Config Options

ProxyJump

$ ssh -J proxy_host1 remote_host2
$ ssh -J user@proxy_host1 user@remote_host2

Multiple jumps

$ ssh -J user@proxy_host1:port1,user@proxy_host2:port2 user@remote_host3

ssh-copy-id

$ ssh-copy-id user@server

Copy to alias server

$ ssh-copy-id server1

Copy specific key

$ ssh-copy-id -i ~/.ssh/id_rsa.pub user@server

SSH keygen {.cols-5}

ssh-keygen {.col-span-2}

$ ssh-keygen -t rsa -b 4096 -C "your@mail.com" 

- - -
-t Type of key
-b The number of bits in the key
-C Provides a new comment
{.left-text}

Generate an RSA 4096 bit key with email as a comment

Generate {.col-span-2 .row-span-2}

Generate a key interactively

$ ssh-keygen

Specify filename

$ ssh-keygen -f ~/.ssh/filename

Generate public key from private key

$ ssh-keygen -y -f private.key > public.pub

Change comment

$ ssh-keygen -c -f ~/.ssh/id_rsa

Change private key passphrase

$ ssh-keygen -p -f ~/.ssh/id_rsa

Key type

known_hosts {.col-span-2}

Search from known_hosts

$ ssh-keygen -F <ip/hostname>

Remove from known_hosts

$ ssh-keygen -R <ip/hostname>

Key format

Also see