Basic Connections
Standard Connection
$ ssh username@hostname
$ ssh -p 2222 username@hostname # custom port
$ ssh host.example.com # using config
$ ssh -v username@hostname # verbose output
Connection Options
$ ssh -i ~/.ssh/key.pem hostname # identity file
$ ssh -A hostname # forward auth agent
$ ssh -X hostname # X11 forwarding
$ ssh -Y hostname # trusted X11
$ ssh -f hostname # background
Key Management
Generate Keys
$ ssh-keygen -t rsa -b 4096
$ ssh-keygen -t ed25519
$ ssh-keygen -t rsa -C "comment"
$ ssh-keygen -f ~/keys/special
Key Operations
$ ssh-copy-id user@hostname
$ ssh-add ~/.ssh/id_rsa
$ ssh-add -l # list keys
$ ssh-add -D # delete all
$ ssh-keygen -R hostname # remove from known_hosts
Port Forwarding
Local Forwarding
$ ssh -L 8080:localhost:80 host
$ ssh -L 3000:internal:3000 host
$ ssh -L "*:8080:localhost:80" host
Remote Forwarding
$ ssh -R 8080:localhost:80 host
$ ssh -R 3000:internal:3000 host
$ ssh -R "*:8080:localhost:80" host
Advanced Usage
SOCKS Proxy
$ ssh -D 9999 hostname
$ ssh -D 0.0.0.0:9999 hostname
$ ssh -D 9999 -N hostname # proxy only
File Transfer
$ scp file.txt user@host:~/path/
$ scp -r folder/ user@host:~/path/
$ sftp user@hostname
$ rsync -av -e ssh ~/local/ user@host:~/path/
Configuration
SSH Config
# ~/.ssh/config
Host nickname
HostName hostname
User username
Port 2222
IdentityFile ~/.ssh/key.pem
Security Options
$ ssh -o "StrictHostKeyChecking=no" host
$ ssh -o "UserKnownHostsFile=/dev/null" host
$ ssh -o "ServerAliveInterval=60" host
$ ssh -o "ServerAliveCountMax=3" host
Common Switches
| Switch | Description |
|---|---|
-p |
Port number |
-i |
Identity file |
-L |
Local port forwarding |
-R |
Remote port forwarding |
-D |
Dynamic port forwarding |
-N |
No command (forward only) |
-f |
Background |
-v |
Verbose mode |
-q |
Quiet mode |
-C |
Compression |
0 Comments for this cheatsheet. Write yours!