What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

UpGuard checks and validates configurations for every major OS, network device, and cloud provider.

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:



May 19, 2015 - A Look At The New Commandlinefu
I've put together a short writeup on what kind of newness you can expect from the next iteration of clfu. Check it out here.
March 2, 2015 - New Management
I'm Jon, I'll be maintaining and improving clfu. Thanks to David for building such a great resource!

Top Tags



Psst. Open beta.

Wow, didn't really expect you to read this far down. The latest iteration of the site is in open beta. It's a gentle open beta-- not in prime-time just yet. It's being hosted over at UpGuard (link) and you are more than welcome to give it a shot. Couple things:

  • » The open beta is running a copy of the database that will not carry over to the final version. Don't post anything you don't mind losing.
  • » If you wish to use your user account, you will probably need to reset your password.
Your feedback is appreciated via the form on the beta page. Thanks! -Jon & CLFU Team

Commands tagged ssh from sorted by
Terminal - Commands tagged ssh - 178 results
brew install ssh-copy-id; ssh-copy-id [email protected]
diff <(ssh-keygen -y -f ~/.ssh/id_rsa) <(cut -d' ' -f1,2 ~/.ssh/id_rsa.pub)
rhost() { if [[ $1 =~ ^[0-9]+$ ]]; then sed -i "$1"d ${HOME}/.ssh/known_hosts; else echo "rhost [n]"; fi }
2013-08-01 21:10:34
User: lowjax
Functions: echo sed

Quickly remove the conflicting line (key) from current users known_hosts file when there is an SSH host conflict. Very nice when you get tired of writing out full commands. Ideally you would place this into your .bash_profile

Usage: rhost [n]

Example: rhost 33 (removes line 33 from ~/.ssh/known_hosts)

Function assumes the $HOME exists, you could alternatively use "~/.ssh/known_hosts"

Mac OSX likes a space for sed -i "$1" d

socat udp-listen:1611 system:'ssh remoteserver "socat stdio udp-connect:remotetarget:161"'
2013-07-02 15:08:14
User: kbo
Tags: ssh socat

Forward local UDP port to remotetarget via ssh.

2013-06-26 13:34:58
User: carlesso

This is useful for example if you are on ssh in a server and the server goes down without letting you out.

This is part of a larget sets of escape sequences provided by ssh. You can find them with ~? Here's the list:

~. - terminate connection (and any multiplexed sessions)

~B - send a BREAK to the remote system

~C - open a command line

~R - request rekey

~V/v - decrease/increase verbosity (LogLevel)

~^Z - suspend ssh

~# - list forwarded connections

~& - background ssh (when waiting for connections to terminate)

~? - this message

~~ - send the escape character by typing it twice

(Note that escapes are only recognized immediately after newline.)

sshuttle -r <username>@<sshserver> 0/0
2013-06-13 19:44:23
User: AvImd

https://github.com/apenwarr/sshuttle disassembles TCP packets, sends them over SSH, assembles and forwards on the server side, and vice versa.

SSHPASS='your_password' sshpass -e ssh [email protected]
2013-06-03 12:26:40
User: djkadu
Functions: ssh

The above is OK if you not worried about security, as per sshpass man pages:

" The -p option should be considered the least secure of all of sshpass's options. All system users can see the password in the command line with a simple "ps" command."

So, instead what I do is use the -e option:

" -e The password is taken from the environment variable "SSHPASS"."

date --set="$(ssh [email protected] 'date -u')"
2013-06-03 06:43:49
Functions: date
Tags: ssh ,NTP ,Date

using -u is better for standardizing date output and timezones, for servers in different timezones.

wmr - | pv -s $SIZEOFMEM | ssh -p 40004 -c arcfour,blowfish-cbc -C [email protected] "cat - > /forensics/T430-8gb-RAM1.dd"
2013-05-31 00:04:19
User: bhbmaster
Functions: ssh

wmr - | pv -s $SIZEOFMEM | ssh -p 40004 -c arcfour,blowfish-cbc -C [email protected] "cat - > /forensics/T430-8gb-RAM1.dd"

Run above command from Windows Cygwin:

On Windows: Install Cygwin, and copy WMR (windows memory reader 1.0) memory diagnostic into cygwin\bin folder, also install cygwins netcat and ssh (openssh). I recommend installing apt-cyg and running "

On Linux: Have an SSH Server


WINDOWS: # wmr - | ssh [email protected] "cat - > /tmp/FileToSave.dd"

For more details on how to extract information from memory dump:

apt-get install foremost

foremost -t all -T -i /forensics/T430-8gb-RAM1.dd

For more information:


tcpdump -i eth0 -w - | ssh forge.remotehost.com -c arcfour,blowfish-cbc -C -p 50005 "cat - | gzip > /tmp/eth0.pcap.gz"
2013-05-30 07:41:22
User: bhbmaster
Functions: ssh tcpdump
Tags: ssh tcpdump gzip

NOTE: When opening the files you might need to strip the very top line with notepad++ as its a mistake header

This is useful when the local machine where you need to do the packet capture with tcpdump doesn?t have enough room to save the file, where as your remote host does

tcpdump -i eth0 -w - | ssh forge.remotehost.com -c arcfour,blowfish-cbc -C -p 50005 "cat - | gzip > /tmp/eth0.pcap.gz"

Your @ PC1 doing a tcpdump of PC1s eth0 interface and its going to save the output @ PC2 who is called save.location.com to a file /tmp/eth0-to-me.pcap.gz again on PC2

More info @: http://www.kossboss.com/linuxtcpdump1

tcpdump -i eth0 -w - | ssh savelocation.com -c arcfour,blowfish-cbc -C -p 50005 "cat - > /tmp/eth0.pcap"
2013-05-30 07:33:48
User: bhbmaster
Functions: ssh tcpdump
Tags: ssh tcpdump

This is useful when the local machine where you need to do the packet capture with tcpdump doesn?t have enough room to save the file, where as your remote host does

tcpdump -i eth0 -w - | ssh savelocation.com -c arcfour,blowfish-cbc -C -p 50005 "cat - > /tmp/eth0.pcap"

Your @ PC1 doing a tcpdump of PC1s eth0 interface and its going to save the output @ PC2 who is called save.location.com to a file /tmp/ppp1-to-me.pcap.gz again on PC2

More info @: http://www.kossboss.com/linuxtcpdump1

cd /srcfolder; tar -czf - . | pv -s `du -sb . | awk '{print $1}'` | ssh -c arcfour,blowfish-cbc -p 50005 [email protected] "tar -xzvf - -C /dstfolder"
2013-05-30 07:21:06
User: bhbmaster
Functions: awk cd ssh tar
Tags: ssh tar pv

NOTE: When doing these commands when asked for questions there might be flowing text from the pv doing the progress bar just continue typing as if its not there, close your eyes if it helps, there might be a yes or no question, type "yes" and ENTER to it, and also it will ask for a password, just put in your password and ENTER

I talk alot more about this and alot of other variations of this command on my site:


cat filein | ssh destination.com -c arcfour,blowfish-cbc -C -p 50005 "cat - > /tmp/fileout"
2013-05-30 07:18:46
User: bhbmaster
Functions: cat ssh
Tags: cat ssh

Where filein is the source file, destination.com is the ssh server im copying the file to, -c arcfour,blowfish-cbc is selecting the fastest encryption engines, -C is for online compressions and decompression when it comes off the line - supposed to speed up tx in some cases, then the /tmp/fileout is how the file is saved...

I talk more about it on my site, where there is more room to talk about this:




sshpass -p "YOUR_PASSWORD" ssh -o StrictHostKeyChecking=no [email protected]_SITE.COM
2013-05-24 14:33:38
User: o0110o
Functions: ssh

You need to install "sshpass" for this to work.

apt-get install sshpass

ssh -q ${SRC_HOST} "mysqldump --add-drop-database --create-options --databases wordpress | sed -r \"s/${OLD_URL}/${NEW_URL}/g\" | gzip -9" | ssh ${DST_HOST} "gunzip | mysql"
ssh [email protected] "DISPLAY=:0.0 import -window root png:-" | open -a /Applications/Preview.app -f
2013-04-14 23:52:53
User: yuumei
Functions: ssh

Takes a screenshot of x11 and pipes it over ssh to the preview application on a mac. Requires imagemagick on the server side.

ssh -t myserver.org 'sudo ls /etc'
2013-04-09 04:23:37
User: patko
Functions: ls ssh
Tags: ssh sudo

This command will ask for remote sudo password before executing a remote command.

ssh <remoteuser>@<remoteserver> \ 'mysqldump -u <user> -p<password> <database>' \ | mysql -u <user> -p<password> <database>
2013-03-05 19:20:52
User: kvcrawford
Functions: ssh
Tags: mysql ssh sync

There must be no space between -p and the password

ssh [email protected] "cat /remote/music/dir/*.mp3" | mpg123 -
2013-02-15 20:03:21
User: erix
Functions: mpg123 ssh
Tags: ssh Linux mpg123

This is just a quick and dirty way to play remote audio files *locally* in your PC.

The best way is to mount the remote Music directory into the local FS, say by using sshfs:

sshfs [email protected]:/remote/music/dir/ /mnt/other_pc/

rsync -aHAXxv --numeric-ids --delete --progress -e "ssh -T -c arcfour -o Compression=no -x" user@<source>:<source_dir> <dest_dir>
2012-12-26 13:46:23
User: somaddict
Functions: rsync
Tags: ssh rsync

This creates an archive that does the following:


(Everyone seems to like -z, but it is much slower for me)

-a: archive mode - rescursive, preserves owner, preserves permissions, preserves modification times, preserves group, copies symlinks as symlinks, preserves device files.

-H: preserves hard-links

-A: preserves ACLs

-X: preserves extended attributes

-x: don't cross file-system boundaries

-v: increase verbosity

--numeric-ds: don't map uid/gid values by user/group name

--delete: delete extraneous files from dest dirs (differential clean-up during sync)

--progress: show progress during transfer


-T: turn off pseudo-tty to decrease cpu load on destination.

-c arcfour: use the weakest but fastest SSH encryption. Must specify "Ciphers arcfour" in sshd_config on destination.

-o Compression=no: Turn off SSH compression.

-x: turn off X forwarding if it is on by default.

Flip: rsync -aHAXxv --numeric-ids --delete --progress -e "ssh -T -c arcfour -o Compression=no -x" [source_dir] [dest_host:/dest_dir]

2012-12-19 17:53:50
User: slafs

When your ssh session hanged (probably due to some network issues) you can "kill" it by hitting those 3 keys instead of closing the entire terminal.

ssh -t [email protected] 'sudo bash -c "ls /var/log && cat /etc/passwd"'
cat ~/.ssh/id_rsa.pub | ssh [email protected] 'cat >> ~/.ssh/authorized_keys'
ssh -t HOSTNAME 'tail -f LOGFILE' | while read; do growlnotify -t "TITLE" -m "$REPLY"; done