Skip to content

SSH

Tools: dsh sshpass sshfs

Get ssh info

for i in $(ssh -Q help); do echo -e "\n#### $i  "; ssh -Q $i; done

Generate keys

ssh-keygen -t ed25519 -f id-${HOSTNAME} -C ""
#
ssh-keygen -f id-${HOSTNAME} -C ""

Generate public key from private

ssh-keygen -f id_rsa -y > id_rsa.pub

Generate fingerprint

ssh-keygen -l -f <file>

Found fingerprints

ssh-keyscan <IP> | ssh-keygen -lf -

Connect

Don't save knownhosts 

ssh -o "UserKnownHostsFile=/dev/null" -o StrictHostKeyChecking=no

Connect through socks proxy 

ssh -o ProxyCommand='nc -X5 -x 127.0.0.1:1080 %h %p'

Forward to local port (-L)

ssh user@remote-host -L [local-port]:[ip-remote-network]:[port-on-ip-remote-network]

# examples
ssh [email protected] -L 10080:127.0.0.1:80 

ssh [email protected] -L 10080:192.168.1.222:80

ssh -L '15001:[::1]:15001' 192.168.1.1

Forward to remote port (-R)

# syntax
ssh user@remote-host -R [remote-port]:[local-ip]:local-port]

# example 1
ssh [email protected] -R 10143:192.168.1.100:143

SSH proxy

ssh -D [bind_address]:[port] [user]@[host]

# example
ssh -D 0.0.0.0:8080 [email protected]

Check speed for ssh connection

See more: pv

yes | pv | ssh srv "cat > /dev/null"

sshd config

cat << EOF > /etc/ssh/sshd_config.d/00-basic.conf
ChallengeResponseAuthentication no
PasswordAuthentication no
PermitRootLogin no
EOF

ssh user configs

Basic 

Host *
  StrictHostKeyChecking False
  PubkeyAcceptedKeyTypes +ssh-rsa
  HostKeyAlgorithms +ssh-rsa

Proxy 

Host test
  Hostname 10.10.10.1
  ProxyCommand nc -X 5 -x 127.0.0.1:1080 %h %p