SSH Commands
SSH client commands, config, and key management.
Connection
ssh user@hostConnect to remote host
ssh -p 2222 user@hostConnect using specific port
ssh -i ~/.ssh/key.pem user@hostConnect using private key file
ssh -v user@hostConnect with verbose output
ssh -X user@hostConnect with X11 forwarding
ssh -A user@hostConnect with agent forwarding
ssh -t user@host commandExecute command on remote host
Key Management
ssh-keygen -t rsa -b 4096Generate 4096-bit RSA key pair
ssh-keygen -t ed25519Generate Ed25519 key pair (recommended)
ssh-copy-id user@hostCopy public key to remote host
ssh-copy-id -i ~/.ssh/key.pub user@hostCopy specific public key
ssh-keygen -p -f ~/.ssh/id_rsaChange passphrase of private key
ssh-keygen -y -f ~/.ssh/id_rsaShow public key from private key
ssh-keygen -lf ~/.ssh/id_rsa.pubShow fingerprint of public key
Port Forwarding
ssh -L 8080:localhost:80 user@hostLocal port forwarding
ssh -R 8080:localhost:80 user@hostRemote port forwarding
ssh -D 1080 user@hostDynamic SOCKS proxy on port 1080
ssh -L 3306:db.host:3306 user@jumpForward MySQL through jump host
ssh -fN -L 8080:localhost:80 user@hostPort forward in background
File Transfer
scp file.txt user@host:/pathCopy file to remote host
scp user@host:/path/file.txt .Copy file from remote host
scp -r directory user@host:/pathCopy directory recursively
scp -P 2222 file.txt user@host:/pathCopy using specific port
scp -i ~/.ssh/key.pem file user@host:Copy using private key
rsync -avz -e ssh src/ user@host:dst/Sync files over SSH
SSH Config
ssh -F /path/to/config user@hostUse custom config file
ssh -o "StrictHostKeyChecking=no" user@hostDisable host key checking
ssh -o "UserKnownHostsFile=/dev/null"Do not save host key
ssh -o "ServerAliveInterval=60" user@hostKeep connection alive
ssh -o "ConnectTimeout=10" user@hostSet connection timeout
SSH Agent
eval $(ssh-agent)Start SSH agent
ssh-add ~/.ssh/id_rsaAdd private key to agent
ssh-add -lList keys in agent
ssh-add -DRemove all keys from agent
ssh-add -t 3600 ~/.ssh/id_rsaAdd key with 1 hour timeout
ssh-agent -kKill SSH agent
Tunneling & Proxying
ssh -J jump@host user@targetJump through intermediate host
ssh -L 2222:target:22 user@jumpCreate SSH tunnel through jump host
ssh -N -f -L 5900:localhost:5900 user@hostVNC tunnel in background
ssh -w 0:0 user@hostCreate VPN tunnel (tun device)
Troubleshooting
ssh -v user@hostVerbose mode (debug level 1)
ssh -vv user@hostMore verbose (debug level 2)
ssh -vvv user@hostMost verbose (debug level 3)
ssh-keyscan -H host >> ~/.ssh/known_hostsAdd host key without connecting
ssh -o "LogLevel=DEBUG3" user@hostMaximum debug logging
ssh -Q cipherList supported ciphers
ssh -Q kexList supported key exchange algorithms
Advanced Options
ssh -C user@hostEnable compression
ssh -4 user@hostForce IPv4
ssh -6 user@hostForce IPv6
ssh -q user@hostQuiet mode
ssh -tt user@host commandForce pseudo-terminal allocation
ssh -o "ControlMaster=auto" user@hostEnable connection multiplexing