A Free Trial That Lets You Build Big!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
Editor's Guide: Any system administrator or webmaster is familiar with SSH. This great technology (51cto system channel just expressed thanks to it on Thanksgiving Day) this frees us from having to go to the server room to manage servers, or worry about content theft when remotely connecting to the server. This article will introduce 25 best SSH commands. If you haven't used them, record them.
OpenSSH is a free version of the SSH connection tool. Telnet, rlogin and FTP users may not realize that their passwords transmitted over the Internet are unencrypted, but SSH is encrypted. OpenSSH encrypts all communications (including passwords ), effectively eliminates eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides Security tunneling and multiple authentication methods, supporting all versions of the SSH protocol.
SSH is a great tool. If you want to remotely connect to the server on the internet, SSH is undoubtedly the best candidate. The following are the 25 best SSH commands selected by voting on the Internet.
(Note: Some commands with long content are displayed as truncated in this article. If you need to read the complete command, you can copy the entire line to your notepad for reading .)
1. Copy the SSH key to the target host and enable password-less SSH login.
If no key exists, use the ssh-keygen command to generate it.
2. Open a tunnel from port 80 of a host to port 2001 of the local host
ssh -N -L2001:localhost:80 somemachine
Now you can enter http: // localhost: 2001 in your browser to access this website.
3. Output your microphone to a remote computer speaker
dd if=/dev/dsp | ssh -c arcfour -C username@host dd of=/dev/dsp
In this way, the sound from your microphone port will be output on the speaker port of the SSH target computer, but unfortunately, the sound quality is poor and you will hear a lot of hissing.
4. Compare remote and local files
ssh user@host cat /path/to/remotefile | diff /path/to/localfile –
This command is useful when comparing the differences between local and remote files.
5. Mount the directory/file system through SSH
sshfs name@server:/path/to/folder /path/to/mount/point
Download sshfs from http://fuse.sourceforge.net/sshfs.htmlto allow you to upload a directory for cross-network security.
6. Establish an SSH connection through the intermediate host
ssh -t reachable_host ssh unreachable_host
Unreachable_host indicates that the host cannot be directly accessed from the local network, but can be accessed from the network where reachable_host is located. This command creates a connection to unreachable_host by "hiding" the connection to reachable_host.
7. Copy your SSH public key to a remote host and enable password-less logon.
8. directly connect to host a that can only be connected through host B
ssh -t hostA ssh hostB
Of course, you must be able to access host.
9. Create a persistent connection to the target host
ssh -MNf <user>@
Create a persistent connection to the target host in the background and send this command to you ~ The configuration in/. Ssh/config is used in combination:Host hostControlPath ~/.ssh/master-%r@%h:%pControlMaster no
All SSH connections to the target host will use persistent SSH sockets. If you use SSH to regularly synchronize files (using rsync/SFTP/CVS/SVN), this command will be very useful, because no new socket is created each time an SSH connection is opened.
10. Connect to the screen through SSHssh -t remote_host screen –r
Connect directly to a remote screen SESSION (saves useless parent bash processes ).
11. Port detection (knocking)knock
To open a service port (such as SSH) on a port, and then close the port, you need to install knockd first. The following is a configuration file example.[options]logfile = /var/log/knockd.log[openSSH]sequence = 3000,4000,5000seq_timeout = 5command = /sbin/iptables -A INPUT -i eth0 -s %IP% -p tcp –dport 22 -j ACCEPTtcpflags = syn[closeSSH]sequence = 5000,4000,3000seq_timeout = 5command = /sbin/iptables -D INPUT -i eth0 -s %IP% -p tcp –dport 22 -j ACCEPTtcpflags = syn
12. delete a line of content in a text file and fix it effectively.ssh-keygen -R <the_offending_host>
In this case, it is best to use professional tools.
13. Run complex remote shell commands through SSHssh host -l user $(<cmd.txt)
More portable versions:ssh host -l user “`cat cmd.txt`”
14. Copy the MySQL database to the new server through SSHmysqldump –add-drop-table –extended-insert –force –log-error=error.log -uUSER -pPASS OLD_DB_NAME | ssh -C user@newhost “mysql -uUSER -pPASS NEW_DB_NAME”
Dump a MySQL database through the compressed SSH tunnel and pass it as an input to the MySQL command. I think this is the fastest and best way to migrate the database to the new server.
15. delete a row in the text file and fix the "SSH host key change" Warning.sed -i 8d ~/.ssh/known_hosts
16. Copy your SSH public key from a host without SSH-COPY-ID commands to the servercat ~/.ssh/id_rsa.pub | ssh user@machine “mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys”
If you use Mac OS X or other * nix variants without the ssh-copy-id command, this command can copy your public key to a remote host, therefore, you can achieve SSH login without a password.
17. Real-time SSH network throughput Testyes | pv | ssh $host “cat > /dev/null”
Connect to the host through SSH to display the real-time transmission speed. Point all transmitted data to/dev/null and install PV first.
For Debian:apt-get install pv
If it is fedora:yum install pv
(Additional Software repositories may need to be enabled ).
18. If you create a remote GNU screen that can be reconnectedssh -t email@example.com /usr/bin/screen –xRR
People always like to open many shells in a text terminal. If the session is suddenly interrupted or you press Ctrl-a D, the shell on the remote host will not be affected at all, you can reconnect. Other Useful screen Commands include "Ctrl-a c" (open a new shell) and "Ctrl-A" (switch back and forth between shells ), please visit http://aperiodic.net/screen/quick_referenceto read more about the screencommand quick reference.
19. Continue SCP large filesrsync –partial –progress –rsh=ssh $file_source $user@$host:$destination_file
It can restore failed rsync commands. This command is very useful when you transmit large files through VPN, such as a backup database. You need to install rsync on both hosts.rsync –partial –progress –rsh=ssh $file_source $user@$host:$destination_file local -> remote
Orrsync –partial –progress –rsh=ssh $user@$host:$remote_file $destination_file remote -> local
20. analyze traffic through SSH w/Wiresharkssh firstname.lastname@example.org ‘tshark -f “port !22″ -w -' | wireshark -k -i –
Use tshark to capture network communication on the remote host, send the original pcap data through an SSH connection, and display it in Wireshark. Press Ctrl + C to stop capturing, but also close the wireshark window, you can pass a "-C #" parameter to tshark so that it can only capture the data packet type specified by "#", or redirect data through the named pipe, instead of directly transmitting data to Wireshark through SSH, I suggest you filter data packets to save bandwidth. tshark can be replaced by tcpdump:ssh email@example.com tcpdump -w – ‘port !22′ | wireshark -k -i –
21. Keep the SSH session open permanentlyautossh -M50000 -t server.example.com ‘screen -raAd mysession’
After opening an SSH session, keep it permanently open. If you need to switch between Wi-Fi hotspots for laptop users, you can ensure that the connection will not be lost after the switch.
22. More stable, faster, and stronger SSH clientssh -4 -C -c blowfish-cbc
Use IPv4 to compress data streams and use blowfish for encryption.
23. Use cstream to control bandwidthtar -cj /backup | cstream -t 777k | ssh host ‘tar -xj -C /backup’
Use bzip to compress the folder and transmit it to the remote host at 777 kb/s. Cstream has more features. Visit http://www.cons.org/cracauer/cstream.html#usageto learn more, for example:echo w00t, i’m 733+ | cstream -b1 -t2
24. Transmit the SSH public key to another machine in one stepssh-keygen; ssh-copy-id user@host; ssh user@host
This command combination allows you to log on without a password for ssh. Note that ~ /. There is already an SSH key pair in the SSH directory. The new keys generated by the ssh-keygen command may overwrite them. The Ssh-copy-ID copies the keys to the remote host, and append it to the Remote Account ~ In the/. Ssh/authorized_keys file, if you do not use the key password during SSH connection, a remote shell will be displayed shortly after you call SSH user @ host.
25. Copy the standard input (stdin) to your X11 Bufferssh user@host cat /path/to/some/file | xclip
Do you want to use SCP to copy files to a work computer so that they can be copied to an email? Xclip can help you. It can copy the standard input to the X11 buffer. You need to click and paste the content in the buffer.
If you have other SSH command skills, post them in this article.
Original article: http://blog.urfix.com/25-ssh-commands-tricks/
Start building with 50+ products and up to 12 months usage for Elastic Compute Service