Home > General, Security > The Ultimate SSH Tricks Manual

The Ultimate SSH Tricks Manual

This article assumes that you’re already familiar with SSH such as logging into remote servers, copying files from one server to another, generating ssh key pairs and etc.  So with all that away, this article provides a list of tricks that has been compiled from various sources in one cozy location, mynitor.com blog.

With most of these ssh tricks, you can use your imagination to extend it to whatever you need to get done.  Ultimately, it’s executing commands on remote server which practically can be exchanged with anything you find useful.

Transferring Files and Backups

Transfer /home directory from remote host to local server using ssh and tar:

$ ssh user@remotehost "tar cvzf - /home" | tar xvzf - /home

Similar as above but using scp to recursively copy /home from remote host to local server:

$ scp -r user@remotehost:/home /home

Transfer a local file to remote server:

$ cat /home/mynitor/testfile | ssh user@remotehost "cat > /home/mynitor/testfile"

Compare a file on remote server with local host:

$ ssh user@remotehost.com "cat /tmp/remotefile" | diff - /tmp/localfile

SSH Proxy and Port Forwarding Tricks

Tunnel all your browser traffic through your SSH server:

$ ssh -D 9999 user@yourserver.com

Setup SOCKS proxy to use with Chrome.  Save the following to a shell script and run:

function remotebrowse() {
    export SOCKS_SERVER=localhost:9999
    ssh -fNTD 9999 remotehost
    google-chrome --user-data-dir=/tmp/chrome $1 &
  }

Launch a local x11 session for a given application.  Simply use the following command then run whatever X application:

$ ssh -X user@remotehost.com 'xterm'

Use a local server through a proxy server:

$ ssh -f -N -L 1521:destinationhost.com:80 servertoproxyfrom.com

Tunneling VNC over ssh:

$ ssh -L 5900:localhost:5900 user@yourserver.com

Jump off one box into another:

$ ssh -t gatewayhost.com ssh destinationhost.com

Forward connections using server A to get to server B. You can use this method to get to any application such as smtp, pop3, mysql, oracle etc.  Just translate the port number:

$ ssh -L 3306:serverB.com:3306 user@serverA.com

Reverse SSH Tunneling. Concept is you want to get from a server at work or public IP into your home server or a server behind a firewall.   Say your destination server is 192.168.136.3, source server is mynitor.com.  Then ssh back to localhost to get to the home server.

$ ssh -R 3333:localhost:22 user@mynitor.com
$ ssh localhost -p 3333

Log in without appearing in lastlog/w and who output.

$ ssh -T user@hostname.com

Miscellaneous Tricks

Play a wav file on remote server:

$ ssh user1@local_server 'play /home/mynitor/2pac.wav'


Outputting your microphone to a remote computer’s speaker:

# dd if=/dev/dsp | ssh -c arcfour -C username@host dd of=/dev/dsp

Setup password less SSH access to another server:

$ ssh-keygen
$ cat ~/.ssh/id_rsa.pub | ssh user@remotehost "cat - >> ~/.ssh/authorized_keys;chmod 644  ~/.ssh/authorized_keys"

– The 644 will make sure your default umask isn’t creating a file with 664 perms. Otherwise, ssh server will reject your login attempt.

There is so much more. Once I gather up more of these, it will be included in an updated and more complete version of this article. Add away your tips and tricks!

Categories: General, Security Tags:
  1. jackd
    August 8th, 2010 at 12:13 | #1

    nice list. for the last one (password-less login) it’s maybe easier and more standard to use ssh-copy-id command instead.

  2. September 1st, 2010 at 13:50 | #2

    I’ve made a selection of my own ssh tricks (some are inspired by your list):

    Have a look at ssh tricks: “the usual and beyond”
    http://www.jedi.be/blog/2010/08/27/ssh-tricks-the-usual-and-beyond/

    Hope you like it!

  3. October 16th, 2011 at 15:16 | #4

    Hi,

    Bery nice tricks 🙂

    I wrote a few SSH tricks myself http://diogomelo.net/blog/10/ssh-tricks 😀

  1. August 8th, 2010 at 01:58 | #1
  2. November 25th, 2011 at 14:11 | #2