ssh

ssh is a program for logging into a remote machine and for executing commands on a remote machine. It is intended to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections, arbitrary TCP ports and UNIX-domain sockets can also be forwarded over the secure channel.^[1]

Documentation

man 1 'ssh' [EN]

Configuration

Files

/
- etc/
  - ssh/
    - ssh_config, Example: 1

Syntax

ssh [PARAMETER ...] [USER@]HOST [COMMAND]

Parameters

-l USER: Specifies the USER to log in as on the remote machine. This also may be specified on a per-host basis in the configuration file.
-L [BIND_ADDRESS:]SRC_PORT:HOST:DST_PORT: Specifies that connections to the given TCP port or Unix socket on the local (client) host are to be forwarded to the given host and port, or Unix socket, on the remote side. This works by allocating a socket to listen to either a TCP port on the local side, optionally bound to the specified bind_address, or to a Unix socket. Whenever a connection is made to the local port or socket, the connection is forwarded over the secure channel, and a connection is made to either host port, or the Unix socket, from the remote machine.
-N: Do not execute a remote command. This is useful for just forwarding ports.
-p PORT: PORT to connect to on the remote host. This can be specified on a per-host basis in the configuration file.

-R [BIND_ADDRESS:]SRC_PORT:HOST:DST_PORT: Specifies that connections to the given TCP port or Unix socket on the remote (server) host are to be forwarded to the local side.; This works by allocating a socket to listen to either a TCP port or to a Unix socket on the remote side. Whenever a connection is made to this port or Unix socket, the connection is forwarded over the secure channel, and a connection is made from the local machine to either an explicit destination specified by host port, or local_socket, or, if no explicit destination was specified, ssh will act as a SOCKS 4/5 proxy and forward connections to the destinations requested by the remote SOCKS client.
-t: Force pseudo-terminal allocation. This can be used to execute arbitrary screen-based programs on a remote machine, which can be very useful, e.g. when implementing menu services. Multiple -t options force tty allocation, even if ssh has no local tty.
-X: Enables X11 forwarding. This can also be specified on a per-host basis in a configuration file.

Examples

Connect to the machine neon with the user melman

ssh 'melman@neon.raysoft.loc'

Get / store a tar file from / on a remote machine using SSH

tar --create --bzip2 --file=- "${HOME}/office" "${HOME}/private" \
| ssh 'melman@neon.raysoft.loc' "cat >${HOME}/backup/$(date +%F).tar.bz2"

ssh 'melman@neon.raysoft.loc' "tar --create --bzip2 --file=- \
   ${HOME}/office ${HOME}/private" >"${HOME}/backup/$(date +%F).tar.bz2"

References

↑ Project contributors. "ssh(1)." OpenSSH project. https://man.openbsd.org/ssh (accessed 18.03.2025)

[project-1] Project contributors. "ssh(1)." OpenSSH project. https://man.openbsd.org/ssh (accessed 18.03.2025)

[1]