Kelvin's tech-box

Useful SSH commands

Kelvin Li -

SSH is a great tool with all transport data encrypted, it provide safe tunnel and multiple identity verification approach.

Here are some useful ssh command:

  • Copy SSH publish key to the target server
ssh-copy-id user@host

If you don't have the key pair, use ssh-keygen to generated keys first.

if you don't have ssh-copy-id in your machine:

cat ~/.ssh/id_rsa.pub | ssh user@machine “mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys”
  • Open the tunnel from remote server's 80 port to localhost 2000 port
ssh -N -L2001:localhost:80 somemachine

Now you can access remote site via http://localhost:2000

  • Output your Mic to the remote server's speaker
dd if=/dev/dsp | ssh -c arcfour -C username@host dd of=/dev/dsp
  • Compare remote and local file
ssh user@host cat /path/to/remotefile | diff /path/to/localfile –
  • Mount folder or filesystem via SSH
sshfs name@server:/path/to/folder /path/to/mount/point

download sshfs from http://fuse.sourceforge.net/sshfs.html. It allow you mount a folder cross the network securely.

  • Create SSH via the middle server
ssh -t reachable_host ssh unreachable_host
  • Directly connect to the machine A which need to connect from machine B
ssh -t hostA ssh hostB
  • Perisistent target machine's connection
ssh -MNf <user>@<host>

config in ~/.ssh/config:

Host host
ControlPath ~/.ssh/master-%r@%h:%p
ControlMaster no
  • Connect to screen via SSH
ssh -t remote_host screen –r
  • port checking (knock)
knock <host> 3000 4000 5000 && ssh -p <port> user@host && knock <host> 5000 4000 3000
  • delete one line in the host file and repair.
ssh-keygen -R <the_offending_host>
  • Execute the complex shell command via SSH
ssh host -l user $(<cmd.txt)

ssh host -l user “`cat cmd.txt`”
  • Copy MySQL DB to new server via SSH
mysqldump –add-drop-table –extended-insert –force –log-error=error.log -uUSER -pPASS OLD_DB_NAME | ssh -C user@newhost “mysql -uUSER -pPASS NEW_DB_NAME”
  • Testing network throughput capacity with SSH
yes | pv | ssh $host “cat > /dev/null”

preinstall pv

Debian:apt-get install pv
Fedora: Debian:apt-get install pv

  • Continue transmit SCP big file
rsync –partial –progress –rsh=ssh $file_source $user@$host:$destination_file

rsync –partial –progress –rsh=ssh $file_source $user@$host:$destination_file local -> remote

rsync –partial –progress –rsh=ssh $user@$host:$remote_file $destination_file remote -> local
  • Analysis network package with ssh and wireshare 
ssh root@server.com ‘tshark -f “port !22″ -w -' | wireshark -k -i –

ssh root@example.com tcpdump -w – ‘port !22′ | wireshark -k -i –
  • Keep the SSH session open permanently
autossh -M50000 -t server.example.com ‘screen -raAd mysession’
  • More stable, faster ssh client
ssh -4 -C -c blowfish-cbc

force IPv4,compress data stream and use blowfish to encrypt

  • Use cstream control network bandwidth
tar -cj /backup | cstream -t 777k | ssh host ‘tar -xj -C /backup’

Use bzip compress folder and transit the file in 777k bit/s。more functions about Cstream, refer: http://www.cons.org/cracauer/cstream.html#usage  e.g.

echo w00t, i’m 733+ | cstream -b1 -t2
  • copy  stdin to X11 buffer (xclip)
ssh user@host cat /path/to/some/file | xclip

Done