Skip to content
halo`s Docs

SSH

Getting Started

Connecting

Connect to a server (default port 22)

Terminal window
$ ssh root@192.168.1.5

Connect on a specific port

Terminal window
$ ssh root@192.168.1.5 -p 6222

Connect via pem file (0400 permissions)

Terminal window
$ ssh -i /path/file.pem root@192.168.1.5

See: SSH Permissions

Executing

Executes remote command

Terminal window
$ ssh root@192.168.1.5 'ls -l'

Invoke a local script

Terminal window
$ ssh root@192.168.1.5 bash < script.sh

Compresses and downloads from a server

Terminal window
$ ssh root@192.168.1.5 "tar cvzf - ~/source" > output.tgz

SCP {.row-span-2}

Copies from remote to local

Terminal window
$ scp user@server:/dir/file.ext dest/

Copies between two servers

Terminal window
$ scp user@server:/file user@server:/dir

Copies from local to remote

Terminal window
$ scp dest/file.ext user@server:/dir

Copies a whole folder

Terminal window
$ scp -r user@server:/dir dest/

Copies all files from a folder

Terminal window
$ scp user@server:/dir/* dest/

Copies from a server folder to the current folder

Terminal window
$ scp user@server:/dir/* .

Config location

File PathDescription
/etc/ssh/ssh_configSystem-wide config
~/.ssh/configUser-specific config
~/.ssh/id_{type}Private key
~/.ssh/id_{type}.pubPublic key
~/.ssh/known_hostsKnown Servers
~/.ssh/authorized_keysAuthorized login key

SCP Options

OptionsDescription
scp -rRecursively copy entire directories
scp -CCompresses data
scp -vPrints verbose info
scp -P 8080Uses a specific Port
scp -BBatch mode (Prevents password)
scp -pPreserves times and modes

Config sample

Host server1
    HostName 192.168.1.5
    User root
    Port 22
    IdentityFile ~/.ssh/server1.key

Launch by alias

Terminal window
$ ssh server1

See: Full Config Options

ProxyJump

Terminal window
$ ssh -J proxy_host1 remote_host2
Terminal window
$ ssh -J user@proxy_host1 user@remote_host2

Multiple jumps

Terminal window
$ ssh -J user@proxy_host1:port1,user@proxy_host2:port2 user@remote_host3

ssh-copy-id

Terminal window
$ ssh-copy-id user@server

Copy to alias server

Terminal window
$ ssh-copy-id server1

Copy specific key

Terminal window
$ ssh-copy-id -i ~/.ssh/id_rsa.pub user@server

SSH keygen {.cols-5}

ssh-keygen {.col-span-2}

Terminal window
$ ssh-keygen -t rsa -b 4096 -C "your@mail.com"
---
-tType of key
-bThe number of bits in the key
-CProvides a new comment

{.left-text}

Generate an RSA 4096 bit key with email as a comment

Generate {.col-span-2 .row-span-2}

Generate a key interactively

Terminal window
$ ssh-keygen

Specify filename

Terminal window
$ ssh-keygen -f ~/.ssh/filename

Generate public key from private key

Terminal window
$ ssh-keygen -y -f private.key > public.pub

Change comment

Terminal window
$ ssh-keygen -c -f ~/.ssh/id_rsa

Change private key passphrase

Terminal window
$ ssh-keygen -p -f ~/.ssh/id_rsa

Key type

  • rsa
  • ed25519
  • dsa
  • ecdsa

known_hosts {.col-span-2}

Search from known_hosts

Terminal window
$ ssh-keygen -F <ip/hostname>

Remove from known_hosts

Terminal window
$ ssh-keygen -R <ip/hostname>

Key format

  • PEM
  • PKCS8

Also see