Commands tagged ssh

Sometimes it is necessary to view debug messages to troubleshoot any

SSH connection issues. pass -v (lowercase v) option to the ssh as shown

below to view the ssh debug messages.

http://github.com/c3w/ash

. a Ruby SSH helper script

. reads a JSON config file to read host, FQDN, user, port, tunnel options

. changes OSX Terminal profiles based on host 'type'

USAGE:

put 'ash' ruby script in your PATH

modify and copy ashrc-dist to ~/.ashrc

configure OSX Terminal profiles, such as "webserver", "development", etc

run "ash myhostname" and away you go!

v.2 will re-attach to a 'screen' named in your ~/.ashrc

Play with the framerate option '-r' to scale back bandwidth usage.

The '-s' option is the captured screan area, not the rescaled size. If you want to rescale add a second '-s' option after '-i :0'. Rescaling smaller will also decrease bandwidth.

This command will bypass checking the host key of the target server against the local known_hosts file.

When you SSH to a server whose host key does not match the one stored in your local machine's known_hosts file, you'll get a error like " WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!" that indicates a key mismatch. If you know the key has legitimately changed (like the server was reinstalled), a permanent solution is to remove the stored key for that server in known_hosts.

However, there are some occasions where you may not want to make the permanent change. For example, you've done some port-forwarding trickery with ssh -R or ssh -L, and are doing ssh user@localhost to connect over the port-forwarding to some other machine (not actually your localhost). Since this is usually temporary, you probably don't want to change the known_hosts file. This command is useful for those situations.

Credit: Command found at http://linuxcommando.blogspot.com/2008/10/how-to-disable-ssh-host-key-checking.html. Further discussion of how it works is there also.

Note this is a bit different than command #5307 - with that one you will still be prompted to store the unrecognized key, whereas this one won't prompt you for the key at all.

Mac install ssh-copy-id

From there on out, you would upload keys to a server like this:

(make sure to double quote the full path to your key)

or, if your SSH server uses a different port (often, they will require that the port be '2222' or some other nonsense:

(note the double quotes on *both* the "/path/to/key" and "user@server -pXXXX"):

...where XXXX is the ssh port on that server

this command from the source server and this follow in the destination server:

ssh user@localhost -p 8888

commandline for mac os x

Works for multiple hosts (such as www.google.com) and/or wrong hosts.

Quick shortcut if you know the hostname and want to save yourself one step for looking up the IP address separately.

Easily removes line #2 in ~/.ssh/known_hosts.

If you have servers on Wide Area Network (WAN), you may experience very long transfer rates due to limited bandwidth and latency.

To speed up you transfers you need to compress the data so you will have less to transfer.

So the solution is to use a compression tools like gzip or bzip or compress before and after the data transfer.

Using ssh "-C" option is not compatible with every ssh version (ssh2 for instance).

It's useful mostly for your custom scripts, which running on specific host and tired on ssh'ing every time when you need one simple command (i use it for update remote apt repository, when new package have to be downloaded from another host).

Don't forget to set up authorization by keys, for maximum comfort.

This improves on #9892 by compressing the directory on the remote machine so that the amount of data transferred over the network is much smaller. The command uses ssh(1) to get to a remote host, uses tar(1) to archive and compress a remote directory, prints the result to STDOUT, which is written to a local file. In other words, we are archiving and compressing a remote directory to our local box.

The command uses ssh(1) to get to a remote host, uses tar(1) to archive a remote directory, prints the result to STDOUT, which is piped to gzip(1) to compress to a local file. In other words, we are archiving and compressing a remote directory to our local box.

If you work in an environment, where some ssh hosts change regularly this might be handy...

This command shows a sorted list of the IP addresses from which there have been authentication errors via SSH (possible script kiddies trying to gain access to your server), it eliminates duplicates so it's easier to read, but you can remove the "uniq" command at the end, or even do a "uniq -c" to have a count of how many times each IP address shows in the log (the path to the log may vary from system to system)

Transfer files with rsync over ssh on a non-standard port, showing a progress bar and resuming partial transfers.

this way you have the multitail with all its options running on your own machine with the tails of the two remote machines inside :)

Listens on local port 5500 and connects to remotehost with username user to tunnel the given socket file. Will work with anything, but can be useful if there's a need for a local application to connect with a remote server which was started without networking.

Creates the .ssh directory on the remote host with proper permissions, if it doesnt exist. Appends your public key to authorized_keys, and verifies it has proper permissions. (if it didnt exist it may have been created with undesireable permissions).

*Korn shell syntax, may or may not work with bash

This one is a bit more robust -- the remote machine may not have an .ssh directory, and it may not have an authorized_keys file, but if it does already, and you want to replace your ssh public key for some reason, this will work in that case as well, without duplicating the entry.

analyze traffic remotely over ssh w/ wireshark

When using tcpdump, specify -U option to prevent buffering and -iany to see all interfaces.

Create a secure tunnelled connection for access to a remote MySQL database.

For example, connect with MySQL Workbench to root@127.0.0.1:13306.