SSH Cheatsheet

SSH, or Secure Shell, is a fundamental tool for securely connecting to and managing remote servers. Whether you’re a seasoned system administrator or just starting to explore the command line, having a solid grasp of SSH commands is essential. This cheatsheet provides a quick reference for the most commonly used SSH operations.

Connecting to a Server

The basic syntax for connecting to a server with SSH is:

ssh username@server_address [-p port_number]
  • username: Your username on the remote server.
  • server_address: The IP address or hostname of the server.
  • port_number: The port number used by the SSH server.

Password vs. Key-Based Authentication

You can connect to a server using a password or a public/private key pair. Key-based authentication is generally considered more secure as it eliminates the need to transmit passwords over the network.

Basic File Transfer

  • scp (Secure Copy): Used to securely copy files between your local machine and the remote server.

    • To copy a file from the remote server to your local machine:
scp username@server_address:/path/to/file local_destination
  • To copy a file from your local machine to the remote server:
scp local_file username@server_address:/path/to/destination

Remote Commands

You can execute commands on the remote server directly from your local terminal:

ssh username@server_address 'command_to_execute'
  • command_to_execute: The command you want to run on the remote server.

Understanding the .ssh Directory

The hidden directory ~/.ssh (on Unix-based systems) stores SSH configuration files specific to your user account. It’s typically not created by default, but SSH will create it if it’s missing when you first use a key-based authentication or configure the client. Common files you might find in this directory include:

  • id_rsa (private key): This file contains your private SSH key, used for key-based authentication. It should be kept secret and have strict permissions to prevent unauthorized access.
  • id_rsa.pub (public key): This public key file corresponds to your private key and can be added to authorized keys on servers you want to connect to.
  • config (SSH configuration file): This file allows you to define connection options for specific servers or set global defaults for SSH.

Exploring the SSH Config File

The config file within the .ssh directory is a powerful tool for customizing SSH connections. It uses a simple format with options and arguments to define settings. Here are some common uses:

  • Host definitions: You can create sections for specific servers (identified by hostname or IP address) and define options for those connections, such as port, username, and IdentityFile (path to your private key).
  • Global options: You can set default settings for all SSH connections, like preferred encryption ciphers or preferred authentication methods.
  • Aliases: You can define aliases for servers to simplify connection commands. For example, you could create an alias for a server with a long hostname to make connecting easier.

SSH Tunneling

SSH tunneling, also known as SSH port forwarding, is a powerful feature that allows you to create secure connections between your local machine and a remote server. It essentially creates an encrypted tunnel through which you can forward traffic between different ports. This can be useful for various purposes, such as:

  • Securely accessing remote services: If a server offers a service on a non-standard port (for example, a web server on port 8080 instead of the usual port 80), you can use SSH tunneling to securely access it as if it were running on the standard port on your local machine.
  • Tunneling traffic through firewalls: Firewalls might restrict access to certain ports. By tunneling traffic through an SSH connection, you can bypass these restrictions and access the desired service. (Note: This should only be done with proper authorization and caution)
  • Creating SOCKS proxies: SSH tunnels can be configured to function as SOCKS proxies, allowing you to route all your internet traffic through the secure SSH connection.

There are two main types of SSH tunneling:

  • Local Port Forwarding: This forwards traffic from a specific port on your local machine to a port on the remote server. Here’s an example:

    Let’s say you want to securely access a web server running on port 8080 on a remote server. You can use local port forwarding to map port 8080 on the remote server to a different port (e.g., port 8000) on your local machine. By accessing http://localhost:8000 in your web browser, the traffic will be securely tunneled through the SSH connection and reach the web server on the remote machine.

    The command for this scenario would be:

    ssh -L 8000:localhost:8080 username@server_address
    
    • -L: Flag for local port forwarding.
    • 8000: Local port on your machine where you want to access the service.
    • localhost:8080: The destination on the remote server (localhost refers to the remote server itself in this case).
    • username: Your username on the remote server.
    • server_address: The IP address or hostname of the remote server.
  • Remote Port Forwarding (Reverse Tunneling): This forwards traffic from a port on the remote server to a specific port on another machine on your network. This can be useful for exposing services running on the remote server to other machines on your local network.

    Here’s an example:

    Imagine you have a database server running on a remote server behind a firewall, but you need to access it from your local machine. You can set up remote port forwarding to expose the database port (e.g., port 3306) on the remote server to a different port (e.g., port 5432) on your local machine. This allows you to connect to the database server using your local database client as if it were running locally.

    The command for this scenario would be:

    ssh -R 5432:localhost:3306 username@server_address
    
    • -R: Flag for remote port forwarding.
    • 5432: Port on your local machine that will be forwarded to the remote server.
    • localhost:3306: The destination on the remote server (localhost refers to the remote server itself in this case).
    • username: Your username on the remote server.
    • server_address: The IP address or hostname of the remote server.

These are just a couple of basic examples of SSH tunneling. With some exploration, you’ll find many other use cases for this versatile tool. Remember, it’s important to understand the security implications before implementing SSH tunnels, especially when bypassing firewalls.

SSH Commands

Here are some common SSH commands and their use cases:

  • ssh-keygen: Generates a new SSH key pair.
  • ssh-copy-id user@host: Copies your public key to a remote server’s authorized keys file.
  • ssh-agent: Manages your SSH keys and allows you to enter passphrases only once.
  • ssh-add: Adds private keys to the SSH agent.
  • ssh -o PubkeyAuthentication=no user@host: Disables public key authentication for a specific SSH session.
  • ssh-keygen -f "/home/user/.ssh/known_hosts" -R "192.168.1.1" : Removes a specific host entry from the known_hosts file.
  • ssh -J jump_host user@target_host: Connects to a target host via a jump host (SSH bastion).

Tips and Tricks

  • Use ssh and then tmux if you want to persist your session in case of network interruptions. This way, you can reconnect to your session and continue where you left off.

  • Use config aliases to simplify your SSH connections. For example, you can define an alias for a server with a long hostname and non-standard port to save time typing the connection command.

  • Always use strong, unique passwords or passphrase-protected SSH keys to secure your connections. Avoid using default usernames like “root” and disable password-based authentication if possible.

  • Tunneling through SSH can be a powerful tool, espessially for developers, but it should be used responsibly and with caution.

  • Remember to always keep your SSH keys secure and avoid sharing them with unauthorized users. Regularly update your keys and rotate them if necessary to maintain a high level of security.

George Litos
George Litos
Senior Software Engineer