Essential SSH and SCP Command Cheat Sheet

Classified in Computers

Written on in English with a size of 4.22 KB

Connecting via SSH

Connect to a server (default port 22):

$ ssh [email protected]

Connect on a specific port:

$ ssh [email protected] -p 6222

Connect via PEM file (requires 0400 permissions):

$ ssh -i /path/file.pem [email protected]

See: SSH Permissions

Executing Remote Commands

Execute a remote command:

$ ssh [email protected] 'ls -l'

Invoke a local script:

$ ssh [email protected] bash < script.sh

Compress and download from a server:

$ ssh [email protected] "tar cvzf - ~/source" > output.tgz

SCP File Transfers

  • Copy from remote to local: scp user@server:/dir/file.ext dest/
  • Copy between two servers: scp user@server:/file user@server:/dir
  • Copy from local to remote: scp dest/file.ext user@server:/dir
  • Copy a whole folder: scp -r user@server:/dir dest/
  • Copy all files from a folder: scp user@server:/dir/* dest/
  • Copy from server folder to current folder: scp user@server:/dir/* .

Configuration Locations

PathDescription
/etc/ssh/ssh_configSystem-wide config
~/.ssh/configUser-specific config
~/.ssh/id_{type}Private key
~/.ssh/id_{type}.pubPublic key
~/.ssh/known_hostsLogged in host
~/.ssh/authorized_keysAuthorized login key

SCP Options

OptionDescription
-rRecursively copy directories
-CCompresses data
-vPrints verbose info
-PUses a specific port
-BBatch mode (prevents password prompt)
-pPreserves times and modes

SSH Config Sample

Host server1 
    HostName 192.168.1.5
    User root
    Port 22
    IdentityFile ~/.ssh/server1.key

Launch by alias:

$ ssh server1

See: Full Config Options

ProxyJump

$ ssh -J proxy_host1 remote_host2
$ ssh -J user@proxy_host1 user@remote_host2

Multiple jumps:

$ ssh -J user@proxy_host1:port1,user@proxy_host2:port2 user@remote_host3

SSH Copy ID

Copy public key to server:

$ ssh-copy-id user@server
$ ssh-copy-id server1
$ ssh-copy-id -i ~/.ssh/id_rsa.pub user@server

SSH Keygen

Generating Keys

$ ssh-keygen -t rsa -b 4096 -C "[email protected]"
FlagDescription
-tType of key
-bNumber of bits
-CAdd a comment

Key Management

  • Generate interactively: ssh-keygen
  • Specify filename: ssh-keygen -f ~/.ssh/filename
  • Generate public from private: ssh-keygen -y -f private.key > public.pub
  • Change comment: ssh-keygen -c -f ~/.ssh/id_rsa
  • Change passphrase: ssh-keygen -p -f ~/.ssh/id_rsa

Supported Key Types

  • rsa
  • ed25519
  • dsa
  • ecdsa

Known Hosts Management

Search known_hosts: ssh-keygen -F <ip/hostname>

Remove from known_hosts: ssh-keygen -R <ip/hostname>

Key Formats

  • PEM
  • PKCS8
Karma: 13%
Visits: 0

Related entries:

Tags:
ssh-keygen bash network-administration linux ssh server-management cybersecurity sysadmin remote-access proxyjump scp terminal ssh-keys ssh-config