This is an old revision of the document!


ssh command cheatsheet

Related folders:

/etc/ssh/ ⇒ OS level setup and configuration
~/.ssh ⇒ home for all userland config files (config, known_hosts, authorized_keys, public & private keys)

create "alias" configuration for a host

$ nano ~/.ssh/config
 
Host somename
        Hostname sftp.somename.com
        User someusername
        IdentityFile ~/.ssh/someprivatekeyfile
 
Host someothername
        Hostname somename.com
        User someusername
        IdentityFile ~/.ssh/someprivatekeyfile
        Port 1234
 
Host yetanothername
        Hostname 10.3.0.12
        User root
 
# you can now        
$ sftp somename
$ ssh yetanothername
$ scp /local/file.ext someothername:/remote/target/folder/

tunneling

open SOCKS tunnel (used for browsing for example)

$ ssh -D 6666 -vTCN username@sshserver.domain.com -p1234
 
# where:
# -D 6666 is the local port to use (pick open port at will)
# -p 1234 is the remote port at which the remote ssh-server is listening for you

tunnel a specific local port to a specific remote port

This is very useful if you want to tunnel into an ssh jumphost in a remote network, and then reach a service on another server inside the target network. For example, you can tunnel a local mail client, via an ssh jumphost, to a private email server somewhere on the remote network.

ssh -L 6666:192.168.1.100:1234 username@ssh-jumphost.domain.com -p 8080 -vTN
 
# where
# 6666 is the local port to use (pick open port at will)
# 192.168.1.100 is the ip-address of the remote server (reachable from the ssh jumphost)
# 1234 is the remote port to use on the remote server
# -p 8080 is the remote port at which the remote ssh-server is listening
 
ssh -L opens a local port. Everything that you send to that port is put through the ssh connection and leaves through the server.
If you run, e.g., ssh -L 4444:google.com:80 and then open http://localhost:4444 in your browser, you'll actually see Google's page.
 
ssh -D opens a local port, but it doesn't have a specific endpoint like with -L. Instead, it pretends to be a SOCKS proxy.
If you run, e.g., ssh -D 7777 and then tell your browser to use localhost:7777 as its SOCKS proxy, everything your browser
requests goes through the ssh tunnel. To the public internet, it's as if you were browsing from your ssh server instead of from your computer.
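
The -L and -D tunnels above can also be stored in ~/.ssh/config as LocalForward and DynamicForward entries, and their listening ports are only private while they stay bound to loopback. The following is an added example, not part of the original cheatsheet: it scans config text for forwards that other machines on your network could reach. The aliases and sample config are constructed, and each block is checked on its own (settings inherited from Host * are not resolved).

```python
import re

LOOPBACK = {"localhost", "127.0.0.1", "::1"}
FORWARD_KEYS = {"localforward", "dynamicforward"}

# Constructed sample: the page's tunnels written as config entries (aliases are made up).
SAMPLE_CONFIG = """\
Host mailtunnel
        Hostname ssh-jumphost.domain.com
        Port 8080
        LocalForward 6666 192.168.1.100:1234
Host browse
        Hostname sshserver.domain.com
        Port 1234
        DynamicForward *:6666
Host shared
        Hostname somename.com
        GatewayPorts yes
        LocalForward 4444 google.com:80
"""

def parse_blocks(text):
    """Return {alias: [(keyword, value), ...]}; accepts 'Key value' and 'Key=value'."""
    blocks, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        key, value = parts[0].lower(), parts[1] if len(parts) > 1 else ""
        if key in ("host", "match"):
            current = blocks.setdefault(value, [])
        elif current is not None:
            current.append((key, value))
    return blocks

def exposed_forwards(text):
    """Return (alias, keyword, value) for forwards listening beyond loopback."""
    findings = []
    for alias, options in parse_blocks(text).items():
        gateway = any(k == "gatewayports" and v.lower() == "yes" for k, v in options)
        for key, value in options:
            if key not in FORWARD_KEYS or not value:
                continue
            listen = value.split()[0]
            bind = listen.rsplit(":", 1)[0].strip("[]") if ":" in listen else None
            # No bind address: loopback unless GatewayPorts yes. Explicit one: used as given.
            if (bind is None and gateway) or (bind is not None and bind not in LOOPBACK):
                findings.append((alias, key, value))
    return findings
```

Run exposed_forwards() on the contents of your own ~/.ssh/config; an empty list means every configured forward listens on loopback only.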
cheatsheet/ssh.1676577152.txt.gz · Last modified: 2023/02/16 19:52 by kamaradski