Tuesday, March 27, 2012

Advanced SSH tricks Linux

Today i will show you some SSH tricks that could be usefull! Well ssh is more powerfull than you thoght maybe - so check out the following little helpers to get your ssh life easier!


  • Have you ever tried to mount an filesystem securely over the world wide internetwork :)
    install the small tool SSHFS (apt-get install sshfs)
    You can now mount any remote filesystems DIR you have access to:
    $ sshfs user@remote2:/home/user/documents /mnt
  • Send an Command directly via SSH without login in and have to log out again after execution: this command will simply power off an remote machine!
    $ ssh user@remotehost sudo poweroff
  • If you have any long command you like to execute on an remote system you can also save it to any file as simple text and then run it remotly using:
    $ ssh user@remotehost "`cat filename.txt`"
  • The ssh-copy-id command is not as well-known as it should be, which is a shame because it is a great time-saver. This nifty command copies your public key to a remote host in the correct format, and to the correct directory. It even has a safety check that won't let you copy a private key by mistake. Specify which key you want to copy, like this:
    $ ssh-copy-id -i .ssh/id_rsa.pub user@remote
  • Use ssh-keygen to remove host keys from the ~/.ssh/known_hosts file to save some time. When the remote machine gets new SSH keys you'll get a warning, when you try to log in, that the key has changed. Using this is much faster than manually editing the file and counting down to the correct line to delete:
    $ ssh-keygen -R remote-hostname
  • When you're at the mercy of hotel and coffee shop Internet, a nice secure SSH tunnel makes your online adventures safer. To make this work you need a server that you control to act as a central node for escaping from hotspot follies. I have a server set up at home to accept remote SSH logins, and then use an SSH tunnel to route traffic through it. This is useful for a lot of different tasks. For example I can use my normal email client to send email, instead of hassling with Web mail or changing SMTP server configuration, and all traffic between my laptop and home server is encrypted. First create the tunnel to your personal server:
    $ ssh -f carla@homeserver.com -L 9999:homeserver.com:25 -N

    "this command will open locally port 9999 to static connect to
    port 25 on your remote machine, though that port needs to be
    opened up there, you can now use your mail client or for
    sending mails (port 25 smtp) via your home pc without trouble
    of getting spyed just set your SMTP port in your client to port 9999!
  • Bypass untrusted networks the easy way, lets say you want to browse the web and you have restrictions in your actual network just forward your traffic over ssh:
    $ ssh -D 9999 -C user@homeserver.com

    "now set ip/hostname and port in your Internet Browser eg.
    Firefox and keep on browsing the web securely :)"

No comments:

Post a Comment