ssh -p port user@server
ssh -t username@hostname /bin/sh
ssh user@server -o PreferredAuthentications=keyboard-interactive # or: ssh user@server -o PreferredAuthentications=password
export SSH_AUTH_SOCK=""; ssh user@server
Never disclose your private key (also called privkey) to anybody! It's private. A public key (also called pubkey) is used to identify you on a remote system and you can copy it to any system you want to authenticate with.
ssh-keygen -t ed25519 -f ~/.ssh/new_key
You will find two files in your ~/.ssh/ directory: new_key (your private key) and new_key.pub (your public key).
ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
ssh-keygen -f ".ssh/known_hosts" -R servername/ip
Host arbitraryhostname HostName realhostnameorIPhere User usernamehere Port 12345
more ideas: http://nerderati.com/2011/03/17/simplify-your-life-with-an-ssh-config-file/
~/.ssh/id_rsa.pubssh-copy-id user@server:portcat ~/.ssh/id_rsa.pub | ssh user@server "mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys"
Port 12345 #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key UsePrivilegeSeparation yes KeyRegenerationInterval 3600 ServerKeyBits 768 SyslogFacility AUTH LogLevel INFO LoginGraceTime 60 PermitRootLogin without-password StrictModes yes RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys IgnoreRhosts yes RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no #IgnoreUserKnownHosts yes PermitEmptyPasswords no ChallengeResponseAuthentication no #PasswordAuthentication yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server UsePAM yes
Subsystem sftp internal-sftp Match Group sftponly ForceCommand internal-sftp ChrootDirectory /wwwhome
The ChrootDirectory must have chmod 750 and permissions of root:sftponly!
If you want to connect to target computer on the target port of your SSH computer through localhost:
ssh -L 8888:targetcomputer:targetport ssh-computername -N
With ssh -L 8888:webserver:80 dmz-server -N you can make a webserver which is only available in the destination network available on localhost:8888.
If you want to reverse tunnel a connection (i.e. make the destination port available to connect from the outside), you can use
ssh -o "GatewayPorts=yes" -L 80:localhost:8080 destination -N
This will forward the remote port 8080 to the local 80. Keep in mind you also have to open the firewall on the remote machine.
You can pipe to/from SSH. (Quelle)
ssh user@server 'echo 0' | cat - > echo.out
echo 0 | ssh user@server 'cat - > echo.out'
The command-line tool ssh should be installed already. If it isn't, consult your package manager and install the OpenSSH package.
see SSH on Windows wiki page
If your SSH session doesn't close on reboot or shutting down, you might lack a timeout in the OpenSSHd config or the corresponding systemd package so the session gets closed cleanly.
Debian:
apt install libpam-systemd dbus
Check that you actually use the PAM module:
UsePAM=yes
cp /usr/share/doc/openssh-client/examples/ssh-session-cleanup.service /etc/systemd/system/ systemctl enable ssh-session-cleanup.service