Summary of Common Commands for ssh

Keywords: Linux

The Secure Shell abbreviation is SSH, developed by the Network Working Group of IETF, which is a security protocol created on the application and transport layers to provide secure transport and use environments for computer shells.

Simple usage

The easiest way to use it is without parameters.

> ssh's password:

By default, the current user will be used to log on to the host in this form. The first time you connect, SSH will confirm the authenticity of the target host and enter yes if there are no problems.

Specify user name login

Method One

> ssh -l rumenz

Method 2

> ssh

Method 2 is common

Specify port login

The default port number used by ssh is 22. Most modern Linux systems have port 22 open. If you run the ssh program without specifying a port number, it sends requests directly through port 22.

If we don't want to log on through port 22, we can use the -p option to specify the port.

> ssh -p 1234

Modify the default port of SSH

Simply modify/etc/ssh/ssh_config to modify the following line:

> vim /etc/ssh/ssh_config
Port 1234

//Restart ssh 
> systemctl restart sshd.service

Compress all data requests

With the -C option, all data sent or received through SSH will be compressed and still encrypted.

> ssh -C

However, this option is useful when the network speed is not very fast, and when the network speed is fast, using compression will reduce efficiency, so use it as appropriate.

Turn on debugging mode

For some reason, we want to track and debug the SSH connection we established. The -v option parameter provided by SSH is set for this purpose. It can see where the problem occurred.

> ssh -v

OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to port 22.
debug1: Connection established.
debug1: identity file /Users/mac/.ssh/id_rsa type 0
debug1: identity file /Users/mac/.ssh/id_rsa-cert type -1
debug1: identity file /Users/mac/.ssh/id_dsa type -1
debug1: identity file /Users/mac/.ssh/id_dsa-cert type -1
debug1: identity file /Users/mac/.ssh/id_ecdsa type -1
debug1: identity file /Users/mac/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/mac/.ssh/id_ed25519 type -1
debug1: identity file /Users/mac/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/mac/.ssh/id_xmss type -1
debug1: identity file /Users/mac/.ssh/id_xmss-cert type -1

Binding Source Address

If a computer or server has multiple network cards, it is not possible to tell which IP is used to connect to the SSH server. To solve this problem, we can use the -b option to specify an IP address. This IP will be used as the source address for the connection.

> ssh -b

Remote Execution Command

If we just want to execute a command remotely, we can just follow it

> ssh ls -l

Mount remote file system

sshfs allows you to mount the file system of remote hosts directly locally. It is used in the following format:

> sshfs -o idmap=user user@hostname:/home/user ~/Remote

This command mounts the home directory of the remote host pi user to the rumenz folder under the local home directory.

> sshfs -o idmap=user ~/rumenz

Original Link:
WeChat Public Number: Getting Started Station

Posted by Woad.php on Sat, 02 Oct 2021 09:38:44 -0700