SSH pseudo-Login to execute remote host script command C program based on SSH passwordless execute remote host command and configuration file-based authentication pseudo-Login Execution command

Source: Internet
Author: User
Tags rsync passwordless ssh



1, execute command and script on remote host based on password and secret key



Ssh-t IP "CLI or shell.sh";



The 2,C program implements the above functions--based on password-less






Porting the simple C program above to a different system to use the test






Authorized_keys;



Copy the ~/.ssh/id_rsa.pub itself to the host that needs passwordless and append the id_rsa.pub content to the ~/.ssh/authorized_keys, then you can passwordless the login.



3. Copy the SSH key to the target host






4, open from a host 80 port to the local host 2001 Port Tunnel
Ssh-n-l2001:localhost:80 Somemachine;
http://localhost:2001 Visit website
5. Compare the local remote files with a different springboard machine



6,ssh Fortress



Ssh-t reachable_host ssh Unreachable_host



SSH command

OpenSSH is a free version of the SSH connection tool. telnet, rlogin, and ftp users may not realize that the passwords they transmit on the Internet are unencrypted, but SSH is encrypted. OpenSSH encrypts all communications (including passwords), effectively eliminating eavesdropping, connection hijacking and other attacks. In addition, OpenSSH provides a secure tunnel function and multiple authentication methods, and supports all versions of the SSH protocol.

SSH is a great tool. If you want to connect to the server remotely on the Internet, then SSH is undoubtedly the best candidate. Here are the 25 best SSH commands to choose from via a network vote, which you must keep in mind.

(Note: some longer commands will be truncated in this article. If you need to read the complete command, you can copy the entire line into your notepad to read.)

1. Copy the SSH key to the target host and enable passwordless SSH login

ssh-copy-id [email protected]

If you don't have a key yet, use the ssh-keygen command to generate it.

2.Open a tunnel from port 80 of a host to port 2001 of the local host

ssh -N -L2001: localhost: 80 somemachine

Now you can access this site by typing http: // localhost: 2001 directly into your browser.

3.Output your microphone to the speaker of the remote computer

dd if = / dev / dsp | ssh -c arcfour -C [email protected] dd of = / dev / dsp

This way the sound from your microphone port will be output on the speaker port of the SSH target computer, but unfortunately the sound quality is very poor and you will hear a lot of hissing.

4. Compare remote and local files

ssh [email protected] cat / path / to / remotefile | diff / path / to / localfile –

This command is useful when comparing local files to remote files.

5.Mounting directory / file system via SSH

sshfs [email protected]: / path / to / folder / path / to / mount / point

Download sshfs from http://fuse.sourceforge.net/sshfs.html, which allows you to mount a directory securely across the network.

6. Establish an SSH connection through an intermediate host

ssh -t reachable_host ssh unreachable_host

Unreachable_host indicates a host that cannot be directly accessed from the local network, but can be accessed from the network where reachable_host is located. This command creates a connection to unreachable_host through a "hidden" connection to reachable_host.

7. Copy your SSH public key to a remote host and enable passwordless login-the easy way

ssh-copy-id [email protected]

8. Connect directly to host A, which can only be connected through host B

ssh -t hostA ssh hostB

Of course, you need to be able to access host A.

9.Create a persistent connection to the target host

ssh -MNf <user> @ <host>

Create a persistent connection to the target host in the background. Use this command in conjunction with your configuration in ~ / .ssh / config:

Host host
ControlPath ~ / .ssh / master-% [email protected]% h:% p
ControlMaster no

All SSH connections to the target host will use persistent SSH sockets. If you use SSH to synchronize files regularly (using rsync / sftp / cvs / svn), this command will be very useful because every time you open an SSH connection A new socket is created.

10.Connect the screen via SSH

ssh -t remote_host screen --r

Connect directly to a remote screen session (saving useless parent bash processes).

11, port detection (knocking)

knock <host> 3000 4000 5000 && ssh -p <port> [email protected] && knock <host> 5000 4000 3000

Tap on a port to open a service port (such as SSH), and then tap to close the port, you need to install knockd first, the following is an example configuration file.

[options]
logfile = /var/log/knockd.log
[openSSH]
sequence = 3000,4000,5000
seq_timeout = 5
command = / sbin / iptables -A INPUT -i eth0 -s% IP% -p tcp --dport 22 -j ACCEPT
tcpflags = syn
[closeSSH]
sequence = 5000,4000,3000
seq_timeout = 5
command = / sbin / iptables -D INPUT -i eth0 -s% IP% -p tcp --dport 22 -j ACCEPT
tcpflags = syn

12, delete a line of content in the text file, useful repair

ssh-keygen -R <the_offending_host>

In this case, it is best to use professional tools.

13.Run complex remote shell commands via SSH

ssh host -l user $ (<cmd.txt)

More portable version:

ssh host -l user “` cat cmd.txt` ”

14.Copy MySQL database to new server via SSH

mysqldump –add-drop-table –extended-insert –force –log-error = error.log -uUSER -pPASS OLD_DB_NAME | ssh -C [email protected] “mysql -uUSER -pPASS NEW_DB_NAME”

Dump a MySQL database through a compressed SSH tunnel and pass it as input to the mysql command. I think this is the fastest and best way to migrate the database to a new server.

15, delete a line in the text file, fix "SSH host key change" warning

sed -i 8d ~ / .ssh / known_hosts

16.Copy your SSH public key to the server from a host without an SSH-COPY-ID command

cat ~ / .ssh / id_rsa.pub | ssh [email protected] "mkdir ~ / .ssh; cat >> ~ / .ssh / authorized_keys"

If you use Mac OS X or another * nix variant without the ssh-copy-id command, this command can copy your public key to a remote host, so you can still achieve passwordless SSH login.

17.Real-time SSH network throughput test

yes | pv | ssh $ host “cat> / dev / null”

Connect to the host through SSH to display the real-time transmission speed, point all the transmitted data to / dev / null, you need to install pv first.

For Debian:

apt-get install pv

If it is Fedora:

yum install pv

(May require additional depots to be enabled).

18.If you set up a remote GNU screen that can be reconnected

ssh -t [email protected] / usr / bin / screen –xRR

People always like to open many shells in a text terminal. If the session is suddenly interrupted or you press "Ctrl-a d", the shell on the remote host will not be affected at all, you can reconnect, other useful screens The commands are "Ctrl-a c" (open a new shell) and "Ctrl-a a" (switch back and forth between shells), please visit http://aperiodic.net/screen/quick_reference Quick reference.

19.Continue SCP large files

rsync --partial --progress --rsh = ssh $ file_source [email protected] $ host: $ destination_file

It can recover failed rsync commands. This command is very useful when you transfer large files through a VPN, such as a backed up database. You need to install rsync on both hosts.

rsync --partial --progress --rsh = ssh $ file_source [email protected] $ host: $ destination_file local-> remote

or

rsync --partial --progress --rsh = ssh [email protected] $ host: $ remote_file $ destination_file remote-> local

20.Analyze traffic via SSH W / WIRESHARK

ssh [email protected] ‘tshark -f“ port! 22 ″ -w-’| wireshark -k -i –

Use tshark to capture the network communication on the remote host, send the original pcap data through the SSH connection, and display it in wireshark. Pressing Ctrl + C will stop the capture, but will also close the wireshark window. You can pass a "-c #" parameter to tshark, so that it only captures the packet type specified by "#", or redirects the data through a named pipe, instead of transmitting directly to wireshark via SSH. I suggest that you filter the packets to save bandwidth. tshark can use tcpdump instead:

ssh [email protected] tcpdump -w – ‘port! 22’ | wireshark -k -i –

21.Keep SSH session open permanently

autossh -M50000 -t server.example.com ‘screen -raAd mysession’

After opening an SSH session, leave it open permanently. For users using laptops, if you need to switch between Wi-Fi hotspots, you can guarantee that you will not lose the connection after the switch.

22.More stable, faster and stronger SSH client

ssh -4 -C -c blowfish-cbc

Force IPv4, compress data stream, use Blowfish encryption.

View Code





SSH pseudo-Login to execute remote host script command C program based on SSH passwordless execute remote host command and configuration file-based authentication pseudo-Login Execution command


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.