- Basic SSH + Config
Secure Shell (SSH) is a cryptographic network protocol for remote system administration and file transfers.
This document will summarize a collection of useful SSH commands that I use regularly.
All commands assume that you are using the OpenSSH SSH client.
The most common use case for
ssh is logging into and executing commands on a remote machine.
For ease of use, a user defined configuration file can be created:
Now, to log into the remote server, the command is simpler.
To avoid entering in your password each time you want to remote in, an ssh key can be used instead. First, generate a secure ssh key.
Now, put the contents of the
*.pub file into the remote server’s
authorized_keys file should belong to the user, with user read and write permissions only.
To ensure that the key files are kept permanently, they can be added in the
~/.ssh/config file. It is a good idea to make the keys specific to the host, otherwise all keys will be tried against the server each time an ssh connection is attempted.
Sometimes, you need to SSH into a machine that is only accessable through another machine.
For instance, a proxy server is accessable from WAN, while the target device is accessable from the proxy server.
Rather than running the ssh command twice, an alterantive is to setup a proxy command in the ssh configuration.
ssh bento, the connection will be proxied through sushi.
These proxies can be chained.
An alternative to the proxy command configuration is to use Proxy Jump.
It is simpler to use proxy jump, as you don’t need to specify the direct SSH command in the configuration.
If a linux server is behind a NAT and a firewall, a reverse SSH tunnel may be a solution.
This example uses three machines, a local that you are currently using, a destination that you are trying to connect to, and a middle that both local and destination can SSH into.
On the destination computer, type the following command replacing middleuser with the middle machine’s username and middle with the domain of the middle machine.
Port 36446 will be opened for listening and will forward future connections to port 22.
Now, to access the destination computer, you can connect using the following command:
The sample port of 36446 is arbitrary.
Any open and available port can be used instead.
This is a quick shell script for running a reverse tunnel. It can be used in combination with
If you want to browse the internet as if you are another machine, one method is to use a SOCKS proxy tunnel.
This is particularly useful if you want to access a Jupyter lab or notebook that is running on another server locally.
Within Firefox, go to
Preferences > Network Settings. Under the category
Configure Proxy Access to the Internet select
Manual proxy configuration.
- SOCKS Host:
- SOCKS v5:
Now, when browsing the internet in Firefox, you are proxied through your remote server through SOCKS.
The port number 8123 is arbitrary and can be any available, free port.
Occasionally, the SSH session will become unresponsive while you are connected remotely.
You can use the ssh escape sequence
~. to close the SSH session without closing the terminal window.