ssh command
1. Copy the SSH key to the target host, open SSH login without password
ssh-copy-id user@host
If you do not have a key, use the ssh-keygen command generates.
2, open from port 80 to a host of tunnel local host port 2001
ssh -N -L2001:localhost:80 somemachine
Now you can enter directly in your browser to http: // localhost: 2001 to access this site.
3, your microphone output to a remote computer speakers
dd if=/dev/dsp | ssh -c arcfour -C username@host dd of=/dev/dsp
Such sound from your microphone port will be the speaker output port SSH target computer, but unfortunately, poor sound quality, you'll hear a lot of sizzle.
4, more remote and local files
ssh user@host cat /path/to/remotefile | diff /path/to/localfile –
When comparing whether local files and remote files are different this command is very useful.
5, via SSH to mount the directory / file system
sshfs name@server:/path/to/folder /path/to/mount/point
From http://fuse.sourceforge.net/sshfs.html download sshfs, which allows you to mount a security across the network directory.
6, through an intermediate host SSH connection
ssh -t reachable_host ssh unreachable_host
Unreachable_host said, but can be accessed from the host computer from the network reachable_host where the local network is not directly accessible, this command to reachable_host "hidden" connection, create connection unreachable_host of play.
7, copy your SSH public key to the remote host, open without password - the simplest way
ssh-copy-id username@hostname
8, A is directly connected to the host through the host connector only B
ssh -t hostA ssh hostB
Of course, you want to be able to access the host A job.
9, create a persistent connection to the target host
ssh -MNf <user>@<host>
In the background to create a persistent connection to the target host, this command and you ~ / .ssh / config configuration used in combination:
Host host ControlPath ~/.ssh/master-%r@%h:%p ControlMaster no
All SSH connection to the target host will use persistent SSH socket, if you are using SSH regularly synchronize files (using rsync / sftp / cvs / svn), this command will be very useful, because not every time you open a SSH connection It creates a new socket.
10, the screen is connected via SSH
ssh -t remote_host screen –r
Directly connect to a remote screen session (save a useless parent bash process).
11, the detection port (knocking)
knock <host> 3000 4000 5000 && ssh -p <port> user@host && knock <host> 5000 4000 3000
Knock on a port it to open a service port (such as SSH), then knock shut down the port, you need to install knockd, the following is a sample configuration file.
[options] logfile = /var/log/knockd.log [openSSH] sequence = 3000,4000,5000 seq_timeout = 5 command = /sbin/iptables -A INPUT -i eth0 -s %IP% -p tcp –dport 22 -j ACCEPT tcpflags = syn [closeSSH] sequence = 5000,4000,3000 seq_timeout = 5 command = /sbin/iptables -D INPUT -i eth0 -s %IP% -p tcp –dport 22 -j ACCEPT tcpflags = syn
12, line delete the contents of a text file, useful repair
ssh-keygen -R <the_offending_host>
In this case, it is best to use professional tools.
13, by running complex SSH remote shell command
ssh host -l user $(<cmd.txt)
More portable version of:
ssh host -l user “`cat cmd.txt`”
14, copy through SSH MySQL database to a new server
mysqldump –add-drop-table –extended-insert –force –log-error=error.log -uUSER -pPASS OLD_DB_NAME | ssh -C user@newhost “mysql -uUSER -pPASS NEW_DB_NAME”
Dump SSH tunnel by compression of a MySQL database, which is passed as input to the mysql command, I think it is migrating to a new database server fastest and best method.
15, delete the text file line repair "SSH host key change" warning
sed -i 8d ~/.ssh/known_hosts
16, from one host no SSH-COPY-ID command to copy your SSH public key to the server
cat ~/.ssh/id_rsa.pub | ssh user@machine “mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys”
If you're using Mac OS X or no other * nix variant ssh-copy-id command, this command can copy your public key to the remote host, so you can still implement SSH login without a password.
17, real-time network throughput test SSH
yes | pv | ssh $host “cat > /dev/null”
Connecting to a host via SSH, displays real-time transmission speed, the transmission data directed to all of / dev / null, need to install pv.
If it is Debian:
apt-get install pv
If Fedora:
yum install pv
(You may need to enable additional software warehouse).
18, if you can establish a remote GNU screen to reconnect
ssh -t [email protected] /usr/bin/screen –xRR
People always like to open many shell in a text terminal, if the conversation is suddenly interrupted, or you press "Ctrl-a d", shell on the remote host will not be affected in the slightest, you can reconnect, other useful screen command has "Ctrl-a c" (open a new shell) and "Ctrl-a a" (to switch back and forth between the shell), please visit http://aperiodic.net/screen/quick_reference read more about screen command Quick reference.
19, continue SCP large files
rsync –partial –progress –rsh=ssh $file_source $user@$host:$destination_file
It can recover rsync command fails, the VPN when you transfer through large files, such as when backing up databases This is useful, you need to install rsync on both sides of the host.
rsync –partial –progress –rsh=ssh $file_source $user@$host:$destination_file local -> remote
or
rsync –partial –progress –rsh=ssh $user@$host:$remote_file $destination_file remote -> local
20, SSH W / WIRESHARK traffic analysis
ssh [email protected] ‘tshark -f “port !22″ -w -' | wireshark -k -i –
Use tshark capture network traffic on a remote host, the connection by sending the original data pcap SSH, and displays wireshark, press Ctrl + C will stop the capture, but also closes the window wireshark, can pass a "-c #" parameter to tshark, it only captures "#" specifies the packet type, or redirect data through named pipes, rather than directly transmitted via SSH to wireshark, I recommend you to filter the packets to save bandwidth, tshark can use tcpdump alternative:
ssh [email protected] tcpdump -w – ‘port !22′ | wireshark -k -i –
21, kept permanently open SSH session
autossh -M50000 -t server.example.com ‘screen -raAd mysession’
After opening a SSH session to keep them open permanently, for the use of laptop users, if the need to switch between Wi-Fi hotspots can be guaranteed not to lose the connection after the handover.
22, more stable, faster, stronger SSH client
ssh -4 -C -c blowfish-cbc
Forced are using IPv4, the compressed data stream, using the Blowfish encryption.
23, using the control bandwidth cstream
tar -cj /backup | cstream -t 777k | ssh host ‘tar -xj -C /backup’
Use bzip compressed folder, and then transmitted to 777k bit / s rate to a remote host. Cstream many more features, please visit http://www.cons.org/cracauer/cstream.html#usage more information, such as:
echo w00t, i’m 733+ | cstream -b1 -t2
24, the step SSH public transport to another machine
ssh-keygen; ssh-copy-id user@host; ssh user@host
This combination allows you to command SSH login without a password, note that if the local machine under ~ / .ssh directory already have an SSH key pair, ssh-keygen command to generate a new key might cover them, ssh-copy-id copy the key to the remote host and append to the remote account ~ / .ssh / authorized_keys file, use SSH connection, if you do not use a key password, call ssh user @ host will soon display the remote shell.
25, the standard input (stdin) copied to your X11 buffer
ssh user@host cat /path/to/some/file | xclip
Do you use scp to copy files to a working computer to copy the contents to an email? xclip can help you, it can be copied to the X11 standard input buffer, you need to do is click the middle mouse button to paste the contents of the buffer.
The first step: using ssh-keygen on the local machine to generate public and private key pair
- $ ssh-keygen
Step: Copy ssh-copy-id with the public key to the remote machine
$ Ssh-copy-id -i .ssh / id_rsa.pub user name @ 192.168.x.xxx
Note: SSH-Copy-the above mentioned id will write the key remote machine ~ / .ssh / authorized_key file.
The third step: Log on to the remote machine without a password
- $ Ssh username @ 192.168.x.xxx
- Last login: Sun Nov 16 17:22:33 2008 from 192.168.1.2
common problem:
- Copy-the above mentioned id -u-SSH Eucalyptus Eucalyptus -i ~ / .ssh / id_rsa.pub SSH user name @ 192.168.x.xxx
- The first require a logon password
The above is not given to the eucalyptus user password landing rights
- /usr/bin/ssh-copy-id: ERROR: No identities found
Use option -i , when no value is passed or if ~ / .ssh / identity.pub file inaccessible (not present), SSH-Copy-ID will be displaying the error message (-i option would be preferred to ssh- add -L content)