What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

UpGuard checks and validates configurations for every major OS, network device, and cloud provider.

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:



May 19, 2015 - A Look At The New Commandlinefu
I've put together a short writeup on what kind of newness you can expect from the next iteration of clfu. Check it out here.
March 2, 2015 - New Management
I'm Jon, I'll be maintaining and improving clfu. Thanks to David for building such a great resource!

Top Tags



Commands tagged ssh from sorted by
Terminal - Commands tagged ssh - 178 results
remserial -d -p 23000 -s "115200 raw" /dev/ttyS0 &
2012-11-19 17:56:02
User: phattmatt

Requires software found at: http://lpccomp.bc.ca/remserial/

Remote [A] (with physical serial port connected to device)

./remserial -d -p 23000 -s "115200 raw" /dev/ttyS0 &

Local [B] (running the program that needs to connect to serial device)

Create a SSH tunnel to the remote server:

ssh -N -L 23000:localhost:23000 [email protected]

Use the locally tunnelled port to connect the local virtual serial port to the remote real physical port:

./remserial -d -r localhost -p 23000 -l /dev/remser1 /dev/ptmx &

Example: Running minicom on machine B using serial /dev/remser1 will actually connect you to whatever device is plugged into machine A's serial port /dev/ttyS0.

telnet 0 <port>
2012-11-16 03:38:49
User: somaddict
Functions: telnet

Super fast way to ftp/telnet/netcat/ssh/ping your loopback address for testing. The default route is simply reduced to 0.

for host in $HOSTNAMES; do ping -q -c3 $host && ssh $host 'command' & for count in {1..15}; do sleep 1; jobs | wc -l | grep -q ^0\$ && continue; done; kill %1; done &>/dev/null
for host in $MYHOSTS; do ping -q -c3 $H 2>&1 1>/dev/null && ssh -o 'AllowedAuthe ntications publickey' $host 'command1; command2' & for count in 1 2 3 4 5; do sleep 1; jobs | wc -l | grep -q ^0\$ && continue; done; kill %1; done
2012-11-13 23:12:27
User: a8ksh4
Functions: grep host jobs kill ping sleep ssh wc

Execute commands serially on a list of hosts. Each ssh connection is made in the background so that if, after five seconds, it hasn't closed, it will be killed and the script will go on to the next system.

Maybe there's an easier way to set a timeout in the ssh options...

ssh remotehosts;date
2012-11-09 01:14:24
User: kiiwii
Functions: ssh

Run this within a steady screen session.

You can get the approximate time when the remote server went down or other abnormal behavior.

if [ -n "$SSH_CONNECTION" ]; then export TMOUT=300; fi
2012-11-03 18:39:25
User: Testuser_01
Functions: export

This will check if a user is logged in using ssh and will log out the user automatically after the specified time in seconds without data retrieval on the server side.

Will work with bash and zsh so put it into your sourced shell file on the server side.

Be aware that users can change this themselves as it's just a envoronment variable.

ssh-add ~/.ssh/KEY_PAIR_NAME.pem
2012-11-03 02:59:52
User: brockangelo
Functions: ssh ssh-add
Tags: ssh EC2

This command adds your pem key to SSH so that you no longer have to manually specify it when connecting to EC2 instances.

# you can do this:

ssh ec2-instance.amazonaws.com

# instead of this:

ssh -i ~/.ssh/KEY_PAIR_NAME.pem ec2-instance.amazonaws.com

ssh -XfC -c blowfish [email protected] Xephyr dpms -fullscreen -query localhost :5
2012-11-01 18:59:57
User: hute37
Functions: ssh
Tags: ssh X Xephyr xdmcp

ssh compresion -C option ...

on slow connection VNC performs better but in local LAN native secure X protocol is an option

ssh -t [email protected]_host tmux attach
2012-10-12 17:55:50
User: shadow_id
Functions: ssh
Tags: ssh tmux

if you use tmux and wish to automatically reattach you previously detached sessions when logging in.

netstat -tn | awk '($4 ~ /:22\s*/) && ($6 ~ /^EST/) {print substr($5, 0, index($5,":"))}'
sshpass -p 'sshpssword' ssh -t <sshuser>@<remotehost> "echo <sudopassword> | sudo -S <command>"
2012-09-13 20:27:13
User: dynaguy
Functions: ssh
Tags: ssh sudo sshpass

Example: remote install an application(wine).

sshpass -p 'mypssword' ssh -t [email protected] "echo 'mypassword' | sudo -S apt-get install wine"

Tested on Ubuntu.

plink -agent gist.github.com
s() { screen -d -RR -m -S "$1" -t "$USER"@"$1" ssh "$1"; }
2012-09-07 23:02:52
User: salamando
Functions: screen ssh
Tags: ssh screen Linux

Use as: $ s host1

Will ssh to remote host upon first invocation. Then use C-a d to detatch. Running "s host1" again will resume the shell session on the remote host. Only useful in LAN environment. You'd want to start the screen on the remote host over a WAN.

Adapted from Hack 34 in Linux Server Hacks 2nd Addition.

tar cvzf - /folder/ | ssh [email protected] "dd of=/dest/folder/file.tar.gz"
2012-07-13 17:54:51
User: kruspemsv
Functions: ssh tar

Really useful when out of space in your current machine.

You can ran this also with cat for example:

tar zcvf - /folder/ | ssh [email protected] "cat > /dest/folder/file.tar.gz"

Or even run other command's:

tcpdump | ssh [email protected] "cat > /tmp/tcpdump.log"
2012-06-26 16:26:11
User: ankush108
Tags: ssh

While logged into ssh, type ~s to see stats of ssh

~ <Ctrl+Z>
ssh -v [email protected]
2012-06-26 16:11:35
User: ankush108
Functions: ssh
Tags: ssh debug

Sometimes it is necessary to view debug messages to troubleshoot any

SSH connection issues. pass -v (lowercase v) option to the ssh as shown

below to view the ssh debug messages.

ash prod<tab>
2012-05-12 19:51:02
User: c3w


. a Ruby SSH helper script

. reads a JSON config file to read host, FQDN, user, port, tunnel options

. changes OSX Terminal profiles based on host 'type'


put 'ash' ruby script in your PATH

modify and copy ashrc-dist to ~/.ashrc

configure OSX Terminal profiles, such as "webserver", "development", etc

run "ash myhostname" and away you go!

v.2 will re-attach to a 'screen' named in your ~/.ashrc

ssh [email protected] "ffmpeg -f x11grab -r 5 -s 1280x720 -i :0 -f avi -" | ffplay - &>/dev/null
2012-05-01 06:26:49
User: buhrietoe
Functions: ssh
Tags: ssh ffmpeg ffplay

Play with the framerate option '-r' to scale back bandwidth usage.

The '-s' option is the captured screan area, not the rescaled size. If you want to rescale add a second '-s' option after '-i :0'. Rescaling smaller will also decrease bandwidth.

ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no [email protected]
2012-04-20 01:54:04
User: dmmst19
Functions: ssh

This command will bypass checking the host key of the target server against the local known_hosts file.

When you SSH to a server whose host key does not match the one stored in your local machine's known_hosts file, you'll get a error like " WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!" that indicates a key mismatch. If you know the key has legitimately changed (like the server was reinstalled), a permanent solution is to remove the stored key for that server in known_hosts.

However, there are some occasions where you may not want to make the permanent change. For example, you've done some port-forwarding trickery with ssh -R or ssh -L, and are doing ssh [email protected] to connect over the port-forwarding to some other machine (not actually your localhost). Since this is usually temporary, you probably don't want to change the known_hosts file. This command is useful for those situations.

Credit: Command found at http://linuxcommando.blogspot.com/2008/10/how-to-disable-ssh-host-key-checking.html. Further discussion of how it works is there also.

Note this is a bit different than command #5307 - with that one you will still be prompted to store the unrecognized key, whereas this one won't prompt you for the key at all.

ssh [email protected] "cat /path/to/archive.tgz" | tar zxvf -
sudo curl "http://hg.mindrot.org/openssh/raw-file/c746d1a70cfa/contrib/ssh-copy-id" -o /usr/bin/ssh-copy-id && sudo chmod 755 /usr/bin/ssh-copy-id
2012-02-09 20:29:24
User: misterich
Functions: chmod sudo

Mac install ssh-copy-id

From there on out, you would upload keys to a server like this:

(make sure to double quote the full path to your key)

ssh-copy-id -i "/PATH/TO/YOUR/PRIVATE/KEY" [email protected]

or, if your SSH server uses a different port (often, they will require that the port be '2222' or some other nonsense:

(note the double quotes on *both* the "/path/to/key" and "[email protected] -pXXXX"):

ssh-copy-id -i "/PATH/TO/YOUR/PRIVATE/KEY" "[email protected] -pXXXX"

...where XXXX is the ssh port on that server

ssh -f -N -R 8888:localhost:22 [email protected]
2012-02-08 20:24:38
User: 0disse0
Functions: ssh
Tags: ssh

this command from the source server and this follow in the destination server:

ssh [email protected] -p 8888

ssh [email protected] sudo tcpdump -i eth0 -w - 'port 80'| /Applications/Wireshark.app/Contents/Resources/bin/wireshark -k -i -
for HOSTTOREMOVE in $(dig +short host.domain.tld); do ssh-keygen -qR $HOSTTOREMOVE; done