Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.


If you have a new feature suggestion or find a bug, please get in touch via http://commandlinefu.uservoice.com/

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Universal configuration monitoring and system of record for IT.
Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

2011-03-12 - Confoo 2011 presentation
Slides are available from the commandlinefu presentation at Confoo 2011: http://presentations.codeinthehole.com/confoo2011/
2011-01-04 - Moderation now required for new commands
To try and put and end to the spamming, new commands require moderation before they will appear on the site.
2010-12-27 - Apologies for not banning the trolls sooner
Have been away from the interwebs over Christmas. Will be more vigilant henceforth.
2010-09-24 - OAuth and pagination problems fixed
Apologies for the delay in getting Twitter's OAuth supported. Annoying pagination gremlin also fixed.
Hide

Top Tags

Hide

Functions

Commands tagged ssh from sorted by
Terminal - Commands tagged ssh - 171 results
sshostnew () {sed -i "$1d" $HOME/.ssh/known_hosts ; }
2011-11-07 10:33:04
User: _john
Tags: ssh sed
-1

If you work in an environment, where some ssh hosts change regularly this might be handy...

cat /var/log/auth.log | grep -i "pam_unix(sshd:auth): authentication failure;" | cut -d' ' -f14,15 | cut -d= -f2 | sort | uniq
2011-10-25 04:58:09
User: JohnQUnknown
Functions: cat cut grep sort
0

This command shows a sorted list of the IP addresses from which there have been authentication errors via SSH (possible script kiddies trying to gain access to your server), it eliminates duplicates so it's easier to read, but you can remove the "uniq" command at the end, or even do a "uniq -c" to have a count of how many times each IP address shows in the log (the path to the log may vary from system to system)

rsync -P -e 'ssh -p PORT' SRC DEST
2011-10-13 08:59:07
User: vickio
Functions: rsync
Tags: ssh rsync
-1

Transfer files with rsync over ssh on a non-standard port, showing a progress bar and resuming partial transfers.

multitail -l 'ssh machine1 "tail -f /var/log/apache2/error.log"' -l 'ssh machine2 "tail -f /var/log/apache2/error.log"'
2011-10-12 10:05:18
10

this way you have the multitail with all its options running on your own machine with the tails of the two remote machines inside :)

Tunnel a MySQL server listening on a UNIX socket to the local machine
2011-10-07 18:53:19
User: michaelmior
Tags: mysql ssh tunnel
2

Listens on local port 5500 and connects to remotehost with username user to tunnel the given socket file. Will work with anything, but can be useful if there's a need for a local application to connect with a remote server which was started without networking.

ssh <user>@<host> 'mkdir -m 700 ~/.ssh; echo ' $(< ~/.ssh/id_rsa.pub) ' >> ~/.ssh/authorized_keys ; chmod 600 ~/.ssh/authorized_keys'
2011-10-03 15:59:43
User: Halki
Functions: chmod echo ssh
Tags: ssh ksh
0

Creates the .ssh directory on the remote host with proper permissions, if it doesnt exist. Appends your public key to authorized_keys, and verifies it has proper permissions. (if it didnt exist it may have been created with undesireable permissions).

*Korn shell syntax, may or may not work with bash

cat ~/.ssh/id_rsa.pub | ssh <REMOTE> "(cat > tmp.pubkey ; mkdir -p .ssh ; touch .ssh/authorized_keys ; sed -i.bak -e '/$(awk '{print $NF}' ~/.ssh/id_rsa.pub)/d' .ssh/authorized_keys; cat tmp.pubkey >> .ssh/authorized_keys; rm tmp.pubkey)"
2011-09-30 07:39:24
User: tamouse
Functions: cat ssh
Tags: ssh awk
4

This one is a bit more robust -- the remote machine may not have an .ssh directory, and it may not have an authorized_keys file, but if it does already, and you want to replace your ssh public key for some reason, this will work in that case as well, without duplicating the entry.

ssh root@HOST tcpdump -iany -U -s0 -w - 'not port 22' | wireshark -k -i -
2011-09-13 21:10:40
User: dr3s
Functions: ssh tcpdump
0

analyze traffic remotely over ssh w/ wireshark

When using tcpdump, specify -U option to prevent buffering and -iany to see all interfaces.

sshmysql() { ssh -L 13306:127.0.0.1:3306 -N $* & }
2011-09-01 10:21:55
Functions: ssh
-1

Create a secure tunnelled connection for access to a remote MySQL database.

For example, connect with MySQL Workbench to [email protected]:13306.

date `ssh user@server date "+%y%m%d%H%M.%S"`
2011-08-30 22:32:14
User: wu
Functions: date
Tags: ssh ,NTP ,Date
0

Neat idea! This variation works on FreeBSD.

date --set="$(ssh user@server date)"
2011-08-30 20:03:06
User: splante
Functions: date
Tags: ssh ,NTP ,Date
32

Shorter, easier to remember version of cmd#7636

NTP is better, but there are situations where it can't be used. In those cases, you can do this to sync the local time to a server.

var=host ;while ! nc -zw 1 $var 22;do sleep 1; done ; ssh user@$var
complete -W "$(sed 's/;.*//;' /etc/hosts | awk ' /^[[:digit:]]/ {$1 = "";print tolower($0)}')" ssh
2011-06-20 03:54:45
User: daodennis
0

If you have a lot of hosts in /etc/hosts this would be very useful. Anyone have any more concise examples?

[enter]~?
2011-06-17 18:29:59
User: xeor
Tags: ssh
30

SSH can be controlled trough an ~ escape sequence. Example, to terminate the current ssh connection, type a newline, then the ~ character, and last a . character.

This is useful eg when an ssh connection hangs after you reboot a machine and the connection hangs.

complete -W "$(echo `cat ~/.ssh/known_hosts | cut -f 1 -d ' ' | sed -e s/,.*//g | uniq | grep -v "\["`;)" ssh
while true; do date; ssh <YOUR HOST HERE> "echo" && echo "HOST UP" && break; sleep 60; done
ssh -R 9000:localhost:9000 [email protected]
2011-05-28 09:39:16
User: nadavkav
Functions: ssh
2

If you need to xdebug a remote php application, which is behind a firewall, and you have an ssh daemon running on that machine. you can redirect port 9000 on that machine over to your local machine from which you run your xdebug client (I am using phpStorm)

So, run this command on your local machine and start your local xdebug client, to start debugging.

more info:

http://code.google.com/p/spectator/wiki/Installing

apt-get install `ssh root@host_you_want_to_clone "dpkg -l | grep ii" | awk '{print $2}'`
ssh vm-user@`VBoxManage guestproperty get "vm-name" "/VirtualBox/GuestInfo/Net/0/V4/IP" | awk '{ print $2 }'`
2011-05-04 18:01:36
User: lucasrangit
Functions: awk get ssh
9

Booting the VM headless via VBoxHeadless requires knowledge of the VM's network in order to connect. Using VBoxManage in this way and you can SSH to the VM without first looking up the current IP, which changes depending on how you have your VM configured.

pbpaste | ssh user@hostname pbcopy
2011-04-24 16:30:48
User: DavidLudwig
Functions: ssh
Tags: ssh osx clipboard
1

This uses ssh to transfer the contents of one Mac's clipboard to another's. This only works with plain text, sadly. Trying to transfer images will just clear out the remote machine's clipboard, and rich text will be converted to plain text. Using the "Remote Login" must be enabled on the remote machine (via System Preferences' Sharing panel) for this to work.

ssh username@remotehost 'mysqldump -u <dbusername> -p<dbpassword> <dbname> tbl_name_1 tbl_name_2 tbl_name_3 | gzip -c -' | gzip -dc - | mysql -u <localusername> -p<localdbpassword> <localdbname>
ssh username@remotehost 'mysqldump -u <dbusername> -p<dbpassword> <dbname> tbl_name_1 tbl_name_2 tbl_name_3' | mysql -u <localusername> -p<localdbpassword> <localdbname> < /dev/stdin
2011-03-09 18:35:07
User: tur_ki_sh
Functions: ssh
1

In the example above 3 tables are copied. You can change the number of tables. You should be able to come up with variants of the command by modifying the mysqldump part easily, to copy some part of remote mysql DB.

cat tarfile.tar.gz | ssh server.com " cd /tmp; tar xvzf - directory/i/want"
2011-02-11 17:10:01
User: alf
Functions: cat ssh
Tags: ssh tar
0

This may be listed already but this command is useful to untar a specific directory to a different server.

date +%Y%m%d%T -s "`ssh user@server 'date "+%Y%m%d %T"'`"
2011-01-11 10:33:32
Functions: date
Tags: ssh ,NTP ,Date
0

If you are stuck behind a firewall and want to synchronize time with another server but you do not want to port forward NTP (which uses UDP) then this command is handy. It gets the time from a server and sets the local time. It is not that accurate but I can live with a second or so drift.

ssh -T user@server < script.sh
2011-01-10 20:09:55
User: dlebauer
Functions: ssh
4

Run local scripts on remote server. "-T Disable pseudo-tty allocation"