Commands tagged ssh (190)

  • Bash process substitution which curls the website 'hashbang.sh' and executes the shell script embedded in the page. This is obviously not the most secure way to run something like this, and we will scold you if you try. The smarter way would be: Download locally over SSL > curl https://hashbang.sh >> hashbang.sh Verify integrty with GPG (If available) > gpg --recv-keys 0xD2C4C74D8FAA96F5 > gpg --verify hashbang.sh Inspect source code > less hashbang.sh Run > chmod +x hashbang.sh > ./hashbang.sh


    5
    sh <(curl hashbang.sh)
    lrvick · 2015-03-15 21:02:01 16
  • Set Remote Server Date using Local Server Time (push) Show Sample Output


    5
    ssh user@server sudo date -s @`( date -u +"%s" )`
    daryltucker · 2015-03-26 20:25:23 11
  • The ssh command alone will execute the sudo command remotely, but the password will be visible in the terminal as you type it. The two stty commands disable the terminal from echoing the password back to you, which makes the remote sudo act as it does locally.


    4
    stty -echo; ssh -t HOSTNAME "sudo some_command"; stty echo
    jmcantrell · 2009-03-04 19:44:36 12
  • I find it ugly & sexy at the same time isn't it ?


    4
    [[ $(COLUMNS=200 ps faux | awk '/grep/ {next} /ssh -N -R 4444/ {i++} END {print i}') ]] || nohup ssh -N -R 4444:localhost:22 user@relay &
    j0rn · 2009-03-31 09:39:59 9
  • This starts a very basic X session, with just a simple xterm. You can use this xterm to launch your preferred distant session. ssh -X john@otherbox gnome-session Try also startkde or fluxbox or xfce4-session. To switch between your two X servers, use CTRL+ALT+F7 and CTRL+ALT+F8.


    4
    xinit -- :1
    flux · 2009-07-31 23:42:28 4
  • middlehost allows ssh access from where you are but not securehost. Use nice ssh piping to simulate scp through A => B => C setting up the shell function if left as an exercise for the reader. ;-) Agent forwarding should avoid password typing.


    4
    cat nicescript |ssh middlehost "cat | ssh -a root@securehost 'cat > nicescript'"
    syladmin · 2009-08-25 08:11:12 7
  • dsh - Distributed shell, or dancer?s shell ;-) you can put your servers into /etc/dsh/machines.list than you don't have to serperate them by commata or group them in different files and only run commands for this groups dsh -M -c -a -- "apt-get update" Show Sample Output


    4
    dsh -M -c -f servers -- "command HERE"
    foob4r · 2009-08-31 12:08:38 3
  • Get your server's fingerprints to give to users to verify when they ssh in. Publickey locations may vary by distro. Fingerprints should be provided out-of-band. Show Sample Output


    4
    ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub && ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key.pub
    Mikelifeguard · 2009-10-26 17:52:41 4

  • 4
    startx -- /usr/X11R6/bin/Xnest :5 -geometry 800x600
    ivanatora · 2010-02-26 11:02:27 5
  • Useful to create an alias that sends you right in the directory you want : alias server-etc="ssh -t server 'cd /etc && $SHELL'"


    4
    ssh -t server 'cd /etc && $SHELL'
    dooblem · 2010-04-02 19:34:09 6
  • When debugging an ssh connection either to optimize your settings ie compression, ciphers, or more commonly for debugging an issue connecting, this alias comes in real handy as it's not easy to remember the '-o LogLevel=DEBUG3' argument, which adds a boost of debugging info not available with -vvv alone. Especially useful are the FD info, and the setup negotiation to create a cleaner, faster connection. Show Sample Output


    4
    alias sshv='ssh -vvv -o LogLevel=DEBUG3'
    AskApache · 2010-10-30 11:23:52 4
  • - port 8080 on localhost will be a SOCKSv5 proxy - at localhost:localport1 you will be connected to the external source server1:remoteport1 and at bind_address2:localport2 to server2:remoteport2 - you will be using only IPv4 and arcfour/blowfish-cbc, in order to speed up the tunnel - if you lose the connection, autossh will resume it at soon as possible - the tunnel is here a background process, wiithout any terminal window open


    4
    autossh -M 0 -p 22 -C4c arcfour,blowfish-cbc -NfD 8080 -2 -L localport1:server1:remoteport1 -L bind_address2:localport2:server2:remoteport2 user@sshserver
    dddddsadasdasd · 2010-11-13 23:49:09 4
  • This one is a bit more robust -- the remote machine may not have an .ssh directory, and it may not have an authorized_keys file, but if it does already, and you want to replace your ssh public key for some reason, this will work in that case as well, without duplicating the entry.


    4
    cat ~/.ssh/id_rsa.pub | ssh <REMOTE> "(cat > tmp.pubkey ; mkdir -p .ssh ; touch .ssh/authorized_keys ; sed -i.bak -e '/$(awk '{print $NF}' ~/.ssh/id_rsa.pub)/d' .ssh/authorized_keys; cat tmp.pubkey >> .ssh/authorized_keys; rm tmp.pubkey)"
    tamouse · 2011-09-30 07:39:24 18
  • You need to install "sshpass" for this to work. apt-get install sshpass


    4
    sshpass -p "YOUR_PASSWORD" ssh -o StrictHostKeyChecking=no YOUR_USERNAME@SOME_SITE.COM
    o0110o · 2013-05-24 14:33:38 12
  • Place in ~/.bashrc If you login to a ssh server from different ips, sometimes you want to do something specific for each. e.g., quickly go into screen -x session from a phone, but not your desktop.


    4
    if [ "${SSH_CLIENT%% *}" == "ipaddr" ]; then command; fi
    snipertyler · 2015-01-13 22:09:38 10
  • I used this to confirm an upgrade to an SSH daemon was successful Show Sample Output


    3
    ssh -vN hostname 2>&1 | grep "remote software version"
    sud0er · 2009-03-31 18:28:41 5
  • Redirects the contents of your clipboard through a pipe, to a remote machine via SSH.


    3
    pbpaste | ssh user@hostname 'cat > ~/my_new_file.txt'
    mikedamage · 2009-07-14 16:32:03 3

  • 3
    mkfifo /tmp/fifo; ssh-keygen; ssh-copyid root@remotehostaddress; sudo ssh root@remotehost "tshark -i eth1 -f 'not tcp port 22' -w -" > /tmp/fifo &; sudo wireshark -k -i /tmp/fifo;
    Code_Bleu · 2010-01-05 14:40:06 3
  • You set the file/dirname transfer variable, in the end point you set the path destination, this command uses pipe view to show progress, compress the file outut and takes account to change the ssh cipher. Support dirnames with spaces. Merged ideas and comments by http://www.commandlinefu.com/commands/view/4379/copy-working-directory-and-compress-it-on-the-fly-while-showing-progress and http://www.commandlinefu.com/commands/view/3177/move-a-lot-of-files-over-ssh Show Sample Output


    3
    file='path to file'; tar -cf - "$file" | pv -s $(du -sb "$file" | awk '{print $1}') | gzip -c | ssh -c blowfish user@host tar -zxf - -C /opt/games
    starchox · 2010-01-19 16:02:45 37
  • You may go to Internet by means of your home ssh server. You must configure your local proxy to send traffic through the proxy. Many programs allows that: firefox, pidgin, skype, gnome, etc. Your home ssh server must listen in any of the ports permitted by your enterprise firewall. That usually includes 80 and 443. Show Sample Output


    3
    autossh -N -D localhost:1080 myhome.example.net -p 443
    prayer · 2010-05-22 19:52:30 5
  • Do the same as pssh, just in shell syntax. Put your hosts in hostlist, one per line. Command outputs are gathered in output and error directories.


    3
    xargs -n1 -P100 -I{} sh -c 'ssh {} uptime >output/{} 2>error/{}' <hostlist
    dooblem · 2010-08-20 11:03:11 3
  • This version transfers gzipped data which is unzipped as it arrives at the remote host.


    3
    ssh user@host 'gunzip - > file' < file.gz
    putnamhill · 2010-09-20 14:04:47 3
  • If you need to xdebug a remote php application, which is behind a firewall, and you have an ssh daemon running on that machine. you can redirect port 9000 on that machine over to your local machine from which you run your xdebug client (I am using phpStorm) So, run this command on your local machine and start your local xdebug client, to start debugging. more info: http://code.google.com/p/spectator/wiki/Installing


    3
    ssh -R 9000:localhost:9000 you@remote-php-web-server.com
    nadavkav · 2011-05-28 09:39:16 4
  • commandline for mac os x


    3
    ssh user@server.com sudo tcpdump -i eth0 -w - 'port 80'| /Applications/Wireshark.app/Contents/Resources/bin/wireshark -k -i -
    bkendinibilir · 2012-01-23 18:16:22 3
  • Example: remote install an application(wine). sshpass -p 'mypssword' ssh -t mysshloginname@192.168.1.22 "echo 'mypassword' | sudo -S apt-get install wine" Tested on Ubuntu.


    3
    sshpass -p 'sshpssword' ssh -t <sshuser>@<remotehost> "echo <sudopassword> | sudo -S <command>"
    dynaguy · 2012-09-13 20:27:13 9
  •  < 1 2 3 4 5 >  Last ›

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

worse alternative to
worse alternative to ctrl+r: grep the history removing duplicates without sorting (case insensitive search).

Convert seconds to [DD:][HH:]MM:SS
Converts any number of seconds into days, hours, minutes and seconds. sec2dhms() { declare -i SS="$1" D=$(( SS / 86400 )) H=$(( SS % 86400 / 3600 )) M=$(( SS % 3600 / 60 )) S=$(( SS % 60 )) [ "$D" -gt 0 ] && echo -n "${D}:" [ "$H" -gt 0 ] && printf "%02g:" "$H" printf "%02g:%02g\n" "$M" "$S" }

Download all images from a 4chan thread
Useful for ripping wallpaper from 4chan.org/wg

resume other user's screen session via su, without pty error
Normally, if you su to another user from root and try to resume that other user's screen session, you will get an error like "Cannot open your terminal '/dev/pts/0' - please check." This is because the other user doesn't have permission for root's pty. You can get around this by running a "script" session as the new user, before trying to resume the screen session. Note you will have to execute each of the three commands separately, not all on the same line as shown here. Credit: I found this at http://www.hjackson.org/blog/archives/2008/11/29/cannot-open-your-terminal-dev-pts-please-check.

Download SSL server certificate with opsnessl
Useful when we need to create new certificate for site when current one is near expiry. This downloaded cert can be used to provide organisational data directly to new cert. using below command. e.g. openssl x509 -x509toreq -in /tmp/example.com.cert -out example.com.csr -signkey example.com-key.pem

ssh to machine behind shared NAT
Useful to get network access to a machine behind shared IP NAT. Assumes you have an accessible jump host and physical console or drac/ilo/lom etc access to run the command. Run the command on the host behind NAT then ssh connect to your jump host on port 2222. That connection to the jump host will be forwarded to the hidden machine. Note: Some older versions of ssh do not acknowledge the bind address (0.0.0.0 in the example) and will only listen on the loopback address.

Get your external IP address without curl
Curl is not installed by default on many common distros anymore. wget always is :) $ wget -qO- ifconfig.me/ip

processes per user counter
No need for sort

Copy one file to multiple files
Copies file.org to file.copy1 ... file.copyn

power off system in X hours form the current time, here X=2


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: