Commands using ssh

Quick shortcut if you know the hostname and want to save yourself one step for looking up the IP address separately.

Launch a gui app remotely. In this example smplayer is installed on the remote machine, and movie.avi is in the remote user's home dir. Note that stdout/stderr is still local, so you'll have feedback locally, add '&>/dev/null' to suppress. This is surprisingly not well known (compared to running an X app locally via ssh -X). (NB. if your distro requires ~/.Xauthority file present, then try -fX if you have problems)

Resubmitted (and trimmed, thanks sitaram) due to ridiculous voting on previous submission. Fingers crossed, it gets a better rating this time.

You can use this to directly dump from machine A (with dvd drive) to machine B (without dvd drive) . I used this to copy dvd using my friend's machine to my netbook. Above command is to be issued on machine B.

Advantages :

1) No wasting time dumping first to machine A and then copying to Machine B.

2) You dont need to use space on Machine A. In fact, this will work even when Machine A doesnt have enough hdd space to dump the DVD.

Use -C ssh option on slow networks (enables compression).

you can replace "dd if=/dev/dvd" with any ripping command as long as it spews the iso to stdout.

This can be much faster than downloading one or both trees to a common servers and comparing the files there. After, only those files could be copied down for deeper comparison if needed.

Instead of looking for the right ip address, just pick whatever address you like and set a static ip mapping.

Connect to a machine running ssh using mac address by using the "arp" command

I wanted to keep a backup of my company database server on my local homeserver. After I found maatkit to sync databases, everything except security seemed fine. SSH takes care of that part.

The important thing to note in this command, is the "-n" flag.

Once it is connected to the remote server by that ssh protocol,the mentioned command will start working on that server.

Of course you need to be able to access host A for this ;-)

Stop tormenting the poor animal cat!

Also you should not that you need a private key not protected by a passphrase on middlehost that grants you access to securehost..

middlehost allows ssh access from where you are but not securehost.

Use nice ssh piping to simulate scp through A => B => C

setting up the shell function if left as an exercise for the reader. ;-)

Agent forwarding should avoid password typing.

Useful to move many files (thousands or millions files) over ssh. Faster than scp because this way you save a lot of tcp connection establishments (syn/ack packets).

If using a fast lan (I have just tested gigabyte ethernet) it is faster to not compress the data so the command would be:

tar -cf - /home/user/test | ssh user@sshServer 'cd /tmp; tar xf -'

I have a small embedded linux device that I wanted to use for sniffing my external network, but I didn't want to recompile/cross-compile snort for the embedded platform. So I used tcpdump over ssh to pass all the traffic as pcap data to a "normal" Linux system that then takes the pcap data and passes it to snort for processing.

Locally watch MySQL process list update every 5s on a remote host. While you watch pipe to a file. The file out put is messy though but hey at least you have a history of what you see.

Same as original just no $ at start

If you know the benefits of screen, then this might come in handy for you. Instead of ssh'ing into a machine and then running a screen command, this can all be done on one line instead. Just have the person on the machine your ssh'ing into run something like

Then you would run

and be attached to the same screen session.

This will launch and irssi session on your server. If it's not running, it will create the session. If it's running it'll connect to it and destroy any other connections. If compositing is available, the rxvt window will have transparency added. This window will also open maximized. Anything else this does should be easily figured out in the man pages.

Knock on ports to open a port to a service (ssh for example) and knock again to close the port. You have to install knockd.

See example config file below.

[options]

logfile = /var/log/knockd.log

[openSSH]

sequence = 3000,4000,5000

seq_timeout = 5

command = /sbin/iptables -A INPUT -i eth0 -s %IP% -p tcp --dport 22 -j ACCEPT

tcpflags = syn

[closeSSH]

sequence = 5000,4000,3000

seq_timeout = 5

command = /sbin/iptables -D INPUT -i eth0 -s %IP% -p tcp --dport 22 -j ACCEPT

tcpflags = syn

Directly attach a remote screen session (saves a useless parent bash process)

Requires Linux Remind:

http://www.roaringpenguin.com/products/remind

and Growl on the Mac:

http://growl.info/

growlnotify needs to be in the executable path on the mac.

Combined with "prowl" in the iPhone you can receive push notifications of your reminders to the iPhone.

put down the joint and rtfm :)

Redirects the contents of your clipboard through a pipe, to a remote machine via SSH.