Transferred from: http://www.cnblogs.com/weafer/archive/2011/06/10/2077852.html
OpenSSH is the free version of the SSH Connection tool. Telnet,rlogin and FTP users may not realize that the passwords they transmit on the Internet are unencrypted, but SSH is encrypted and OpenSSH encrypts all communications (including passwords), effectively eliminating eavesdropping, connection hijacking, and other attacks. In addition, OPENSSH provides secure tunneling capabilities and multiple authentication methods that support all versions of the SSH protocol. SSH is a great tool and if you want to connect remotely to a server on the Internet, SSH is definitely the best candidate. Here are the 25 best SSH commands chosen by the Internet, which you must keep in mind. (Note: Some longer commands are displayed in this article as truncated states.) If you need to read the full command, you can copy the entire line to your Notepad. )1, copy SSH key to target host, turn on password-free SSH loginSSH-copy-ID[email protected] If you don't have a key yet, use SSH-The keygen command is generated. 2, 80 ports from a host to the local host 2001 Port tunnelSSH-n-l2001:localhost: theSomemachine Now you can enter HTTP directly in the browser://localhost:2001 visit this website. 3, output your microphone to a remote computer's speakersDD if=/DEV/DSP |SSH-c arcfour-c [email protected]DDof=/dev/DSP so the sound from your microphone port will be output on the speaker port of the SSH target computer, but unfortunately the sound quality is poor and you will hear a lot of hiss. 4, comparing remote and local filesSSH[Email protected]Cat/path/to/remotefile |diff/path/to/localfile– This command works when comparing local and remote files for differences. 5, mount directory via SSH/file system SSHFS [email protected]:/path/to/folder/path/to/Mount/Point from http://fuse.sourceforge.net/sshfs.html Downloads SSHFS, which allows you to mount a directory securely across the network. 6To establish an SSH connection through an intermediary host.SSH-T Reachable_hostSSHUnreachable_hostunreachable_host represents a host that cannot be accessed directly from the local network, but can be accessed from the network where the Reachable_host resides, through a "hidden" connection to Reachable_host, Creates a connection to the unreachable_host. 7, copy your SSH public key to the remote host, turn on password-Free login – Simple methodSSH-copy-ID[email protected]8, connect directly to host A that is only connected through Host BSSH-T HostASSHHostB Of course, you need to be able to access host a. 9, creating a persistent connection to the target hostSSH-MNF <user>@Create a persistent connection to the target host in the background, and this command will be~/.SSH/config is used in conjunction with: Host Hostcontrolpath~/.SSH/master-%[email protected]%h:%pcontrolmaster no all SSH connections to the target host will use persistent SSH sockets if you use SSH to synchronize files regularly (using rsync/sftp/cvs/svn), this command is useful because no new sockets are created each time an SSH connection is opened. Ten, connect to the screen via SSHSSH-T remote_host screen–r Connect directly to a remote screen session (saving the useless parent bash process). One, port Detection (knocking) Knock the 4000 the&&SSH-P <port> [email protected] && Knock the 4000 theOn a port to open a port on a service (such as SSH), then tap to close the port, you need to first install KNOCKD, here is a sample configuration file. [Options]logfile=/var/log/knockd.log[openssh]sequence= the,4000, theSeq_timeout=5Command=/sbin/iptables-a input-i eth0-s%ip%-P Tcp–dport A-J Accepttcpflags=syn[closessh]sequence= the,4000, theSeq_timeout=5Command=/sbin/iptables-d input-i eth0-s%ip%-P Tcp–dport A-J Accepttcpflags=syn A, delete a line in a text file, useful fixesSsh-keygen-R <the_offending_host>in this case, it is best to use a professional tool. -, running complex remote shell commands via SSHSSHHost-l User $ (<cmd.txt) More portable versions:SSHHost-l user "'Catcmd.txt ' " -, copy the MySQL database to the new server via SSH Mysqldump–add-drop-table–extended-insert–force–log-error=error.log-uuser-ppass Old_db_name |SSH-c [email protected] "Mysql-uuser-ppass new_db_name "dump a MySQL database from a compressed SSH tunnel and pass it as input to the MySQL command, which I think is the fastest and best way to migrate a database to a new server." the, delete a line in a text file, fix the "SSH host key change" Warningsed-I. 8d ~/.SSH/known_hosts -, from a non-ssh-copy-The host of the ID command copies your SSH public key to the serverCat~/.SSH/id_rsa.pub |SSH[Email protected] “mkdir~/.SSH;Cat>> ~/.SSH/Authorized_keys "If you use Mac OS x or other without SSH-copy-id Command *Nix variant, this command can copy your public key to the remote host, so you can still implement password-free SSH login. -, real-time SSH network throughput test Yes| PV |SSH$host "Cat>/dev/NULL"Connect to the host via SSH, show real-time transfer speed, point all transmitted data to/dev/NULL, you need to install PV first. If it's debian:apt,-getInstallPV If it is Fedora:Yum InstallPV (additional repositories may need to be enabled). -, if you create a remote GNU screen that can be reconnectedSSH-T [email protected]/usr/bin/screen–xrr people always like to open many shells in a text terminal, if the session suddenly breaks, or you press the "Ctrl-A D ", the shell on the remote host is unaffected, you can reconnect, other useful screen commands have" Ctrl-a C "(open new Shell) and" ctrl-a a "(switch back and forth between the shells), please visit http://Aperiodic.net/screen/quick_reference Read more about the screen command for a quick reference. +, continue SCP large file Rsync–partial–progress–rsh=SSH$file _source [email protected] $host: $destination _file It can recover the failed rsync command, which is very useful when you transfer large files through a VPN, such as a backed up database You need to install rsync on both sides of the host. Rsync–partial–progress–rsh=SSH$file _source [email protected] $host: $destination _file Localremote or Rsync–partial–progress–rsh=SSH[Email protected] $host: $remote _file $destination _file RemoteLocal -, via SSH w/Wireshark Analysis FlowSSH[Email protected] ' Tshark-f ' Port! A″ -W-'| wireshark-k-i–Use Tshark to capture network traffic on a remote host, send raw pcap data over an SSH connection, and display it in Wireshark, press CTRL + C to stop snapping, but also close the Wireshark window and pass a "-C # "parameter to Tshark, let it only catch" # "specified packet type, or through the named pipe redirection data, instead of directly through SSH to Wireshark, I recommend you filter the packet to save bandwidth, Tshark can use tcpdump substitution: SSH[Email protected] tcpdump-W– ' Port! A′| Wireshark-k-I – +, keep SSH session open permanently autossh-m50000-t server.example.com ' screen-raAd mysession ' open an SSH session and leave it permanently open, for users using laptops, if needed in WI-Switch between fi hotspots to ensure that the connection is not lost after switching. A, more stable, faster, stronger SSH clientSSH-4-c-c blowfish-CBC enforces the use of IPV4, compresses the data stream, and uses Blowfish encryption. at, using Cstream to control bandwidthTar-cj/backup | Cstream-t 777k |SSHHost 'Tar-XJ-C/backup ' uses bZIP to compress the folder and then to 777k bit/s rate is transferred to the remote host. Cstream also has more features, please visit http://Www.cons.org/cracauer/cstream.html#usage Learn more, such as:Echow00t, I ' m733+ | CSTREAM-B1-T2 -, one-step transfer of SSH public key to another machineSsh-keygen;SSH-copy-ID[Email protected];SSH[email protected] This command combination allows you to login without password ssh, note that if the local machine'sThere is already an SSH key pair in the ~/.ssh directory,SSHThe new keys generated by the-keygen command may overwrite them,SSH-copy-id copy the key to the remote host and append it to the remote account's ~/.SSH/Authorized_keys file, when using SSH connection, if you do not use the key password, call SSH [email protected] Shortly after the remote shell is displayed. -, copy the standard input (stdin) to your X11 bufferSSH[Email protected]Cat/path/to/some/file|Xclip You use SCP to copy files to your work computer so that you can copy their contents into an email? Xclip can help you, it can copy the standard input to the X11 buffer, all you need to do is click the middle mouse button to paste the contents of the buffer.
(EXT) 25 SSH commands that must be remembered