# Cheat Sheet #day37 - SSH

## SSH Cheatsheet

### Basic Usage

* **Connect to a Remote Host**
    
    ```bash
    ssh username@hostname
    ```
    
    Example:
    
    ```bash
    ssh user@example.com
    ```
    
* **Connect with a Specific Port**
    
    ```bash
    ssh -p port_number username@hostname
    ```
    
    Example:
    
    ```bash
    ssh -p 2222 user@example.com
    ```
    
* **Run a Command on a Remote Host**
    
    ```bash
    ssh username@hostname command
    ```
    
    Example:
    
    ```bash
    ssh user@example.com 'ls -l /var/www'
    ```
    

### Key-Based Authentication

* **Generate SSH Key Pair**
    
    ```bash
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
    ```
    
* **Add SSH Key to SSH-Agent**
    
    ```bash
    eval "$(ssh-agent -s)"
    ssh-add ~/.ssh/id_rsa
    ```
    
* **Copy Public Key to Remote Host**
    
    ```bash
    ssh-copy-id username@hostname
    ```
    
    Example:
    
    ```bash
    ssh-copy-id user@example.com
    ```
    

### Configuration

* **Edit SSH Config File**
    
    * Path: `~/.ssh/config`
        
    
    ```bash
    nano ~/.ssh/config
    ```
    
    Example Config File:
    
    ```plaintext
    Host example
        HostName example.com
        User user
        Port 22
        IdentityFile ~/.ssh/id_rsa
    ```
    
* **Connect Using Config Alias**
    
    ```bash
    ssh example
    ```
    

### Port Forwarding

* **Local Port Forwarding**
    
    ```bash
    ssh -L local_port:destination_host:destination_port username@hostname
    ```
    
    Example:
    
    ```bash
    ssh -L 8080:localhost:80 user@example.com
    ```
    
* **Remote Port Forwarding**
    
    ```bash
    ssh -R remote_port:destination_host:destination_port username@hostname
    ```
    
    Example:
    
    ```bash
    ssh -R 8080:localhost:80 user@example.com
    ```
    
* **Dynamic Port Forwarding (SOCKS Proxy)**
    
    ```bash
    ssh -D local_port username@hostname
    ```
    
    Example:
    
    ```bash
    ssh -D 1080 user@example.com
    ```
    

### File Transfer

* **SCP (Secure Copy)**
    
    * **Copy Local to Remote**
        
    
    ```bash
    scp local_file username@hostname:/remote/directory
    ```
    
    Example:
    
    ```bash
    scp file.txt user@example.com:/home/user/
    ```
    
    * **Copy Remote to Local**
        
    
    ```bash
    scp username@hostname:/remote/file /local/directory
    ```
    
    Example:
    
    ```bash
    scp user@example.com:/home/user/file.txt /local/directory
    ```
    
* **SFTP (SSH File Transfer Protocol)**
    
    ```bash
    sftp username@hostname
    ```
    
    * **Common SFTP Commands**
        
    
    ```bash
    sftp> get remote_file
    sftp> put local_file
    sftp> ls
    sftp> cd directory
    sftp> pwd
    sftp> exit
    ```
    

### Tunneling and Proxying

* **SSH Tunnel for All Traffic**
    
    ```bash
    ssh -D 8080 -C -q -N username@hostname
    ```
    
    * Use the tunnel as a SOCKS proxy in your browser or application.
        
* **ProxyCommand**
    
    * Use another SSH server as a proxy.
        
    
    ```plaintext
    Host internal
        HostName internal.example.com
        User user
        ProxyCommand ssh -q -W %h:%p gateway.example.com
    ```
    

### Advanced Options

* **Enable X11 Forwarding**
    
    ```bash
    ssh -X username@hostname
    ```
    
* **Enable Compression**
    
    ```bash
    ssh -C username@hostname
    ```
    
* **Increase Verbosity**
    
    ```bash
    ssh -v username@hostname
    ```
    
* **Multiple Levels of Verbosity**
    
    ```bash
    ssh -vvv username@hostname
    ```
    

### SSH Agent Forwarding

* **Enable Agent Forwarding**
    
    ```bash
    ssh -A username@hostname
    ```
    

### Managing SSH Keys

* **List Loaded Keys**
    
    ```bash
    ssh-add -l
    ```
    
* **Remove All Loaded Keys**
    
    ```bash
    ssh-add -D
    ```
    

### SSH Security

* **Disable Root Login**
    
    * Edit `/etc/ssh/sshd_config` on the remote server:
        
    
    ```plaintext
    PermitRootLogin no
    ```
    
* **Change Default SSH Port**
    
    * Edit `/etc/ssh/sshd_config` on the remote server:
        
    
    ```plaintext
    Port 2222
    ```
    
* **Restrict User Logins**
    
    * Edit `/etc/ssh/sshd_config` on the remote server:
        
    
    ```plaintext
    AllowUsers user1 user2
    ```
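
As an added example (not part of the original cheat sheet), the script below checks whether the three `sshd_config` settings above are in effect in a given file. The function names and the sample config are constructed for illustration; it reads only the global section and does not follow `Match` blocks or `Include` files.

```bash
#!/usr/bin/env bash
# Added example, not from the original cheat sheet. Simplifications: only the
# global section is read (parsing stops at the first Match block) and Include
# files are not followed.

# Print every value given for a keyword, one per line. sshd_config keywords
# are case-insensitive, so they are compared lowercased.
sshd_values() {  # usage: sshd_values <keyword> <file>
    awk -v want="$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" '
        /^[ \t]*(#|$)/         { next }   # comments and blank lines
        tolower($1) == "match" { exit }   # global section ends here
        tolower($1) == want    { $1 = ""; sub(/^[ \t]+/, ""); print }
    ' "$2"
}

# Print one OK/FAIL line for each of the three settings.
audit_sshd_config() {  # usage: audit_sshd_config <file>
    local f=$1 root ports users
    # sshd keeps the first value it reads, so a later "no" cannot undo an
    # earlier "yes".
    root=$(sshd_values PermitRootLogin "$f" | head -n 1)
    if [ "$root" = "no" ]; then echo "OK   PermitRootLogin no"
    else echo "FAIL PermitRootLogin is '${root:-unset}', expected 'no'"; fi

    # Port may be given more than once; sshd listens on every one listed.
    ports=$(sshd_values Port "$f" | tr '\n' ' ')
    case " ${ports:-22 }" in
        *" 22 "*) echo "FAIL sshd listens on the default port 22" ;;
        *)        echo "OK   Port ${ports% }" ;;
    esac

    users=$(sshd_values AllowUsers "$f" | tr '\n' ' ')
    if [ -n "$users" ]; then echo "OK   AllowUsers ${users% }"
    else echo "FAIL no global AllowUsers line"; fi
}

# Constructed sample config (not from a real server).
demo=$(mktemp)
cat > "$demo" <<'EOF'
permitrootlogin yes
Port 2222
PermitRootLogin no
Match Address 192.0.2.0/24
    AllowUsers user1
EOF
audit_sshd_config "$demo"
rm -f "$demo"
```

On a live server, `sshd -T` prints the effective configuration after `Include` and default handling, which this file-level check does not model.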
    

### Additional Tips

* **Use SSH Escape Sequences**
    
    * `~.`: Disconnect
        
    * `~C`: Open command line
        
    * Escape sequences are recognized only at the start of a line, so press Enter before typing them.
        
* **SSHFS (SSH Filesystem)**
    
    * Mount a remote filesystem via SSH:
        
    
    ```bash
    sshfs username@hostname:/remote/directory /local/mount/point
    ```
    

This cheatsheet covers essential commands and configurations for using SSH effectively, from basic connections to advanced tunneling and security practices. Adjust commands and paths according to your specific setup and needs.
