25 SSH commands that must be remembered

The 25 SSH commands that must be remembered are free versions of the SSH connection tool. Telnet, rlogin and ftp users may not realize that their passwords transmitted over the Internet are unencrypted, but SSH is encrypted. OpenSSH encrypts all communications (including passwords ), effectively eliminates eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides Security tunneling and multiple authentication methods, supporting all versions of the SSH protocol. SSH is a great tool. If you want to remotely connect to the server on the internet, SSH is undoubtedly the best candidate. The following are the 25 best SSH commands selected by voting on the Internet. (Note: Some commands with long content are displayed as truncated in this article. If you need to read the complete command, you can copy the entire line to your notepad for reading .) 1. copy the SSH key to the target host and enable password-free SSH logon to ssh-copy-id user @ host. If no key exists, use the ssh-keygen command to generate the key. 2. Open the ssh-N-L2001: localhost: 80 somemachine tunnel from port 80 of a host to port 2001 of the local host. Now you can enter http: // localhost: 2001 visit this website. 3. Output your microphone to the remote computer's speaker dd if =/dev/dsp | ssh-c arcfour-C username @ host dd of =/dev/dsp from your microphone. the port sound will be output on the speaker port of the SSH target computer, but unfortunately, the sound quality is poor and you will hear a lot of hissing. 4. Compare the remote and local files ssh user @ host cat/path/to/remotefile | diff/path/to/localfile-this command is very good when comparing the differences between local and remote files. 5. mount the directory/File System sshfs name @ server:/path/to/folder/path/to/mount/point through SSH. Download sshfs from http://fuse.sourceforge.net/sshfs.htmlto allow you to upload a directory across network security. 6. Create an SSH connection to ssh-t reachable_host through the intermediate host ssh unreachable_hostUnreachable_host indicates that the host cannot be directly accessed from the local network, but can be accessed from the network where the reachable_host is located, this command creates a connection to unreachable_host by "hiding" the connection to reachable_host. 7. Copy your SSH public key to a remote host, enable password-less login-Simple Method ssh-copy-id username @ hostname8, directly connect to host A ssh-t hostA ssh hostB that can only be connected through host B, of course, you must be able to access host. 9. Create a persistent connection ssh-MNf to the target host @ Create a persistent connection to the target host in the background and send this command to you ~ Use the configuration in/. ssh/config in combination: Host hostControlPath ~ /. Ssh/master-% r @ % h: % pControlMaster no all SSH connections to the target host will use persistent SSH sockets, if you use SSH to regularly synchronize files (using rsync/sftp/cvs/svn), this command is very useful because no new socket will be created each time you open an SSH connection. 10. Connect to the screen through SSH-t remote_host screen-r and directly connect to the remote screen SESSION (saving useless parent bash processes ). 11. Port detection (knocking) knock 3000 4000 5000 & ssh-p User @ host & knock 5000 4000 3000 To open a service port (such as SSH) on a port, and then close the port, you need to install knockd first. The following is a configuration file example. [Options] logfile =/var/log/knockd. log [openSSH] sequence = 3000,4000, 5000seq_timeout = 5 command =/sbin/iptables-a input-I eth0-s % IP %-p tcp-dport 22-j ACCEPTtcpflags = syn [closeSSH] sequence = 5000,4000, 3000seq_timeout = 5 command =/sbin/iptables-d input-I eth0-s % IP %-p tcp-dport 22-j ACCEPTtcpflags = syn12 delete a line of content in the text file, useful repairs for ssh-keygen-R In this case, it is best to use professional tools. 13. Run the complex remote shell command SSH host-l user $ ( More portable versions: ssh host-l user "'cat login .txt '" 14. Use SSH to copy the MySQL database to the new server mysqldump-add-drop-table-extended-insert-force-log-error = error. log-uUSER-pPASS OLD_DB_NAME | ssh-C user @ newhost "mysql-uUSER-pPASS NEW_DB_NAME" dumps a MySQL database through the compressed SSH tunnel and passes it as input to the mysql command, I think this is the fastest and best way to migrate a database to a new server. 15. delete a row in the text file and fix the "SSH host key change" Warning sed-I 8d ~ /. Ssh/known_hosts16. Copy your SSH public key from a host without SSH-COPY-ID commands to the server cat ~ /. Ssh/id_rsa.pub | ssh user @ machine "mkdir ~ /. Ssh; cat >> ~ /. Ssh/authorized_keys "if you use Mac OS X or other * nix variants without the ssh-copy-id command, this command can copy your public key to the remote host, therefore, you can achieve SSH login without a password. 17. Real-time SSH network throughput test yes | pv | ssh $ host "cat>/dev/null" connects to the host through SSH, displaying the real-time transmission speed, to direct all transmitted data to/dev/null, install pv first. For Debian: apt-get install pv for Fedora: yum install pv (you may need to enable additional software repositories ). 18. If you create a remote GNU screen ssh-t user@some.domain.com/usr/bin/screen-xRR that can be reconnected, people always like to open a lot of shells in a text terminal, if the session is suddenly interrupted or you press Ctrl-a d, the shell on the remote host will not be affected at all. You can reconnect, other useful screen Commands include "Ctrl-a c" (open a new shell) and "Ctrl-a" (switch back and forth between shells ). 19. Continue the SCP large file rsync-partial-progress-rsh = ssh $ file_source $ user @ $ host: $ destination_file. It can restore failed rsync commands, this command is useful when you transmit large files over a VPN, such as a backup database. You need to install rsync on both hosts. Rsync-partial-progress-rsh = ssh $ file_source $ user @ $ host: $ destination_file local-> remote or rsync-partial-progress-rsh = ssh $ user @ $ host: $ remote_file $ destination_file remote-> local20, analyze traffic through ssh w/WIRESHARK ssh root@server.com 'tshark-f "port! 22 "-w-'| wireshark-k-I-uses tshark to capture network communication on the remote host, send the original pcap data through an SSH connection, and display it in wireshark, pressing Ctrl + C will stop capturing, but it will also close the wireshark window. You can pass the "-c #" parameter to tshark so that it can only capture the specified data packet type, or redirect data through a named pipe instead of transmitting it directly to wireshark via SSH, I suggest you filter the data packet to save bandwidth, tshark can replace: ssh root@example.com tcpdump-w-'port! 22' | wireshark-k-I-21. Keep the SSH session permanently open autossh-M50000-t server.example.com 'screen-raAd mysession'. After opening an SSH session, keep it permanently open, if you need to switch between Wi-Fi hotspots, you can ensure that the connection will not be lost after the switch. 22. More stable, faster, and stronger SSH client ssh-4-C-c blowfish-cbc enforces IPv4, compresses data streams, and uses Blowfish for encryption. 23. Use cstream to control the bandwidth tar-cj/backup | cstream-t 777 k | ssh host 'tar-xj-C/backup' and use bzip to compress the folder, the data is then transmitted to the remote host at a rate of 777 kb/s. Echo w00t, I'm 733 + | cstream-b1-t224. One step is to transmit the SSH public key to another machine ssh-keygen; ssh-copy-id user @ host; the ssh user @ host command combination allows you to log on without a password for SSH. Note that ~ /. There is already an ssh key pair in the SSH directory. The new keys generated by the ssh-keygen command may overwrite them. The ssh-copy-id copies the keys to the remote host, and append it to the Remote Account ~ In the/. ssh/authorized_keys file, if you do not use the key password during SSH connection, a remote shell will be displayed shortly after you call ssh user @ host. 25. Copy the standard input (stdin) to your X11 buffer ssh user @ host cat/path/to/some/file | xclip: Do you want to use scp to copy files to work computers, in order to copy its content to the email? Xclip can help you. It can copy the standard input to the X11 buffer. You need to click and paste the content in the buffer.