In this article I want to show some use, not trivial, of ssh, but first:
What is SSH?
Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices. The two major versions of the protocol are referred to as SSH1 or SSH-1 and SSH2 or SSH-2. Used primarily on Linux and Unix based systems to access shell accounts, SSH was designed as a replacement for Telnet and other insecure remote shells, which send information, notablypasswords, in plaintext, rendering them susceptible to packet analysis.The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet.
Normally, authentication is done with sending the password, but you can generate a public key on your PC and export it to the remote host, so the future authentication will be performed automatically.
See also this tutorial
Some uses from simple to more complicated:
Allow user to connect to host via ssh protocol.
ssh -X user@host
Allows user to login to know the host and redirects the X11 protocol through ssh, windows graphics will open on our local computer.
ssh user@host remote command
Exec remote command on host logging in with account user.
for host in host1 host2 host3; do echo -n $host:; ssh $host uptime; done;
Run command on a group of nodes in parallel (you have to exchabge the public key, or you’ll prompted for password multiple times).
Copy ssh keys to user@host to enable password-less ssh logins.
cat ~/.ssh/id_rsa.pub | ssh user@machine “mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys”
Copy your ssh public key to a server from a machine that doesn’t have ssh-copy-id
If you use Mac OS X or some other *nix variant that doesn’t come with ssh-copy-id, this one-liner will allow you to add your public key to a remote machine so you can subsequently ssh to that machine without a password.
ssh -N -L2001:localhost:80 user@somemachine
Start a tunnel from some machine’s port 80 to your local post 2001
now you can acces the website by going to http://localhost:2001/
ssh user@host cat /path/to/remotefile | diff /path/to/localfile -
Compare a remote file with a local file
Useful for checking if there are differences between local and remote files.
ssh -t reachable_host ssh unreachable_host
SSH connection through host in the middle
Unreachable_host is unavailable from local network, but it’s available from reachable_host’s network. This command creates a connection to unreachable_host through “hidden” connection to reachable_host.
ssh -t remote_host screen -r
Attach screen over ssh
Directly attach a remote screen session (saves a useless parent bash process)
yes | pv | ssh $host “cat > /dev/null”
Live ssh network throughput test
Connects to host via ssh and displays the live transfer speed, directing all transferred data to /dev/null
needs pv installed
Debian/Ubuntu: ‘apt-get install pv’
Fedora: ‘yum install pv’ (may need the ‘extras’ repository enabled)
ssh user@host cat /path/to/some/file | xclip
Copy stdin to your X11 buffer
Have you ever had to scp a file to your work machine in order to copy its contents to a mail? xclip can help you with that. It copies its stdin to the X11 buffer, so all you have to do is middle-click to paste the content of that looong file
sshfs name@server:/path/to/folder /path/to/mount/point
Mount folder/filesystem through SSH
Install SSHFS from http://fuse.sourceforge.net/sshfs.html
Will allow you to mount a folder security over a network.
[amazon_enhanced asin="0596008953" price="All" background_color="332610" link_color="FFFFFF" text_color="D4CE99" /]
[amazon_enhanced asin="1590594762" price="All" background_color="332610" link_color="FFFFFF" text_color="D4CE99" /]
- Linux Security: How to hide processes from other users
- Productivity boosting with open source applications
- 8 Simple To Follow Tips To Secure Your Apache Web Server
- The Humble “Open Source” Bundle
- Linux Games: FTL Advanced Edition expansion
Find me on Google+