Ssh from linux shell

Linux Commands: Using Secure Shell (ssh)

The Kubernetes ecosystem is huge and quite complex, so it’s easy to forget about costs when trying out all of the exciting tools.

To avoid overspending on your Kubernetes cluster, definitely have a look at the free K8s cost monitoring tool from the automation platform CAST AI. You can view your costs in real time, allocate them, calculate burn rates for projects, spot anomalies or spikes, and get insightful reports you can share with your team.

Connect your cluster and start monitoring your K8s costs right away:

1. Overview

As more and more sensitive information is transmitted across the Internet, the need for secure, encrypted connections between servers rises.

In this tutorial, we’ll learn about ssh, a protocol and set of tools that provides secure, encrypted communication between servers.

Note that we tested all the commands shown here using Bash; however, they should work with any POSIX-compliant terminal.

2. Configuration

Almost all Unix- and Linux- based operating systems (including macOS) provide a pre-configured ssh program. On the Windows operating system, we can use something like PuTTY or git-bash for Windows to install ssh.

The nice thing about ssh is we don’t need to do anything else for traffic to be encrypted. By default, ssh uses the Diffie-Hellman key exchange to negotiate and swap cryptographic keys and subsequently chose an encryption algorithm for us.

So, once we have ssh on our machine, we can simply start connecting.

3. Accessing a Remote Host

A common use for ssh is connecting to a remote server. For instance, executing the following command will connect us to the host remote-server.com:

After we enter our password on the remote host, that remote host provides us a terminal where we can execute commands as if we were using a shell on our localhost.

Also, note that we can refer to our remote system with a top-level domain, an IP address or a host alias.

4. Port Forwarding

A very useful feature of ssh is port forwarding. This allows us to connect to a local port and have that connection transmitted to some other system that is accessible from the remote system. This can be the system we originally connected to or some other system on that remote network.

To access a port on the connected system we use:

In this example, the localhost:8080 is relative to the remote system remote-server.com. To access a port on a different system available to the remote system remote-server.com we use:

Here, our local connection to port 8888 is sent across our secure channel to the 8080 port of the another-remote-server.com system which is available to the remote-server.com system on its network.

We can also do reverse port forwarding, allowing the remote system to access ports and systems on the local network using -R on the command line.

Again, we can refer to the remote or local systems with top-level domains, IP addresses or a host aliases defined on remote-server.com when port forwarding.

5. Remote Commands

If we don’t need a shell and just want to execute a single command we can just provide the path to that command on the remote system:

This will run /usr/local/bin/some-command on remote-server.com in a non-interactive session, display any stderr or stdout message in the local terminal and terminate the connection when the command completes execution.

6. X11

Many programs on Unix- and Linux- based systems use GUIs based on the X Window System.

If launched on a remote system in order to see the interface on our local system we use -X:

7. Copying Files

Besides local-to-remote connections, we can use our encrypted channel to copy files.

There are a few programs that provide us with this ability.

The first is sftp, which is a secure version of the ftp command. To use it, we just connect using the sftp command and then use it like ftp:

Another program we can use is scp, which provides secure copying from our localhost to the remote server:

We can also use scp to copy files from the remote server to our localhost:

scp [email protected]:my-remote-file.txt ./my-local-copy-of-my-remote-file.txt

Finally, the rsync command much like scp and ftp can copy files from our localhost to our remote server:

It can also copy files from the remote server to our localhost:

rsync [email protected]:/my-remote-file.txt ./my-local-copy-of-my-remote-file.txt

Generally, rsync is faster than sftp and scp.

Before ssh, the File Transfer Protocol (FTP) was the standard protocol used for transfer files from one system to another. However, we should avoid FTP because it transfers data in plain text making it very insecure.

8. Conclusion

In this article, we explored how ssh can provide secure communication under many different circumstances.

Источник

15+ SSH command examples in Linux [Cheat Sheet]

ssh (Secure Shell) is a command-line tool in Linux that allows you to log into a remote machine and execute commands. ssh connects and logs into the specified hostname. It uses the default TCP/IP port 22 to log in. It allows secure encrypted communications between two untrusted hosts over an insecure network. It can also forward X11 connections, arbitrary TCP ports, and UNIX-domain sockets over the secure channel.

How to install ssh client

Most of the newer versions of any Linux distribution have ssh tool pre-installed in the system. You can type ssh in your terminal to check if it is installed.

If you do not get the output like above, you first have to install ssh in your system. You can install from the default package management repositories in any Linux distribution.

To install ssh on CentOS, Fedora, Rocky Linux and RHEL

$ sudo yum install openssh-client

To install ssh on Ubuntu and Debian

$ sudo apt install openssh-client

Since this article is all about SSH client, so the article assumes that you already have a different SSH server to whom you intend to connect using the SSH client.

Different examples to use ssh command

In this article, you will learn to use the ssh command to connect and log in to the remote server.

1. ssh command to connect to a remote machine

You can connect to a remote machine by using its IP address.

Sample Output:

When you try to connect for the first time, it asks for continuing the connection. Type yes and press Enter. Then it asks you to enter the password, which you will use later to log in to the remote machine.

You can also connect to a remote machine using its name.

Sample Output:

Note: You can press «Ctrl + D» or enter exit command to close the SSH connection.

2. Login with a different user in SSH connection using ssh command

By default, the ssh command logins with the current user when connecting to a remote server. To use another user, you can use the following command:

$ ssh -l user_name ip_address

Sample Output:

You can also use the hostname instead of the IP address.

3. ssh command to generate SSH keys

You can generate SSH key pair using ssh-keygen to secure the SSH connections. It generates a pair of public and private keys. When you generate an SSH key pair, you can access a server without entering a password.

Sample Output:

4. ssh command to copy public SSH key to a server

You need to copy the public SSH key in order to use the key for SSH authentication. To copy the key generated from the previous command, you can use:

Sample Output:

After successfully copying the public key, you do not have to enter a password to connect to a remote server.

5. Print debug information using ssh command

-v option prints the process information when connecting to a remote server. That information is useful for debugging an authentication issue. You can also use multiple -v options to print more detailed information. The maximum is 3.

OR to increase the level of verbosity

OR to further increase the level of verbosity

Sample Output:

6. ssh command to execute command on remote nodes

You can use SSH command to execute commands on the remote node

$ ssh username@ip_address "command_to_execute"

Sample Output:

7. Execute SSH multiple commands using SSH on remote nodes

We can also execute multiple commands using SSH on the remote node. The first way is by proving multiple commands separated by semi-colon ( ; ). You can use the following syntax:

$ ssh username@ip_address command1; command2; command3

You can also use a different syntax by providing End Of File as shown below:

$ ssh username@ip_address  > command1 > command2 > EOF

Verify the content of /tmp/file.txt on the remote node:

8. Enable X11 forwarding with ssh command

-X option lets you enable X11 forwarding. It would be best if you used this option with caution. Users who have file permission on the remote server can access the local X11 display through the forwarded connection. Then an attacker will be able to perform keystroke monitoring. Therefore, X11 forwarding is subjected to X11 SECURITY extension restrictions.

Sample Output:

To disable X11 forwarding, you can use -x option.

9. Enable trusted X11 forwarding with ssh command

-Y option enables trusted X11 forwarding with ssh command. The X11 SECURITY extension restrictions are not applicable for trusted X11 forwarding.

Sample Output:

10. Bind address on a local machine using ssh command

-b option allows you to bind address on a local machine as the source address of the connection. It is only useful for systems with more than one address.

Sample Output:

11. ssh command to hide the error message

-q option suppresses or hides the most warning and diagnostic messages in the output.

Sample Output:

12. Initiate SSH connection using a different port number

-p option specifies the port to connect to the remote SSH server. The default SSH port is 22, so we do not have to specify it. You can view the port number in the/etc/ssh/ssh_config file. If the specified port number does not match with the ssh_config port number, the connection gets refused.

Sample Output:

13. Request compression of all data using ssh command

-C option enables compression for all data (including stdin, stdout, stderr, and data for forwarded X11 and TCP connections). The compression is useful on slow connections and modem lines, but it will slow down things on fast networks.

Sample Output:

14. Disable strict host key checking with ssh command

With -o option, you can specify different options in the format given in the ssh_config file. To disable strict host key checking, you can use:

$ ssh -o StrictHostKeyChecking=no ip_address

Sample Output:

15. Specify the protocol version using ssh command

You can use -1 to specify protocol version 1 and -2 to use protocol version 2. The default value is «2,1» which ssh tries to use version 2 and use version 1 if 2 is unavailable.

Sample Output:

16. ssh command to use only IPv6 address

You can use -6 option to use only an IPv6 address to connect to a remote server.

Sample Output:

As you can see, the IPv4 address is not supported with -6 option. You can use -4 option to use only the IPv4 address.

17. Set connection timeout value using ssh command

You can specify the timeout in seconds when connecting to the SSH server. The value is applicable when the target is down or unreachable, not when the connection is refused.

$ ssh -o ConnectTimeout=NUM ip_address

Sample Output:

18. Using -o option with ssh command

-o option is useful for specifying option which has no separate command-line flag. It can be used to change any default value to other possible values. You can find the options and their possible values in ssh_config.

$ ssh -o option=value ip_address

Following are some of the options which can be used above with -o argument:

AddKeysToAgent AddressFamily BatchMode BindAddress CanonicalDomains CanonicalizeFallbackLocal CanonicalizeHostname CanonicalizeMaxDots CanonicalizePermittedCNAMEs CertificateFile ChallengeResponseAuthentication CheckHostIP Ciphers ClearAllForwardings . StrictHostKeyChecking TCPKeepAlive Tunnel TunnelDevice UpdateHostKeys UsePrivilegedPort User UserKnownHostsFile VerifyHostKeyDNS VisualHostKey XAuthLocation

For complete list of options you can refer the man page of ssh command.

Summary

These are the most used ssh command examples in Linux. System and network administrators use this command to manage the remote server. You can connect and log in to a remote server with an encrypted method using the SSH tool.

What’s Next

Further Reading

Didn’t find what you were looking for? Perform a quick search across GoLinuxCloud

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

For any other feedbacks or questions you can either use the comments section or contact me form.

Thank You for your support!!

1 thought on “15+ SSH command examples in Linux [Cheat Sheet]”

If you use LDAP, you make sure you also have a local account with the same name and the necessary sudo rights Reply

Источник