SSH
SSH Cheat Sheet - 快速参考指南,收录常用语法、命令与实践。
Getting Started
Connect to a server (default port 22)
$ ssh root@192.168.1.5
Connect on a specific port
$ ssh root@192.168.1.5 -p 6222
Connect via pem file (0400 permissions)
$ ssh -i /path/file.pem root@192.168.1.5
See: SSH Permissions
Executes remote command
$ ssh root@192.168.1.5 'ls -l'
Invoke a local script
$ ssh root@192.168.1.5 bash < script.sh
Compresses and downloads from a server
$ ssh root@192.168.1.5 "tar cvzf - ~/source" > output.tgz
Copies from remote to local
$ scp user@server:/dir/file.ext dest/
Copies between two servers
$ scp user@server:/file user@server:/dir
Copies from local to remote
$ scp dest/file.ext user@server:/dir
Copies a whole folder
$ scp -r user@server:/dir dest/
Copies all files from a folder
$ scp user@server:/dir/* dest/
Copies from a server folder to the current folder
$ scp user@server:/dir/* .
| File Path | Description |
|---|---|
/etc/ssh/ssh_config | System-wide config |
~/.ssh/config | User-specific config |
~/.ssh/id_{type} | Private key |
~/.ssh/id_{type}.pub | Public key |
~/.ssh/known_hosts | Known Servers |
~/.ssh/authorized_keys | Authorized login key |
| Options | Description |
|---|---|
scp -r | <yel>R</yel>ecursively copy entire directories |
scp -C | <yel>C</yel>ompresses data |
scp -v | Prints <yel>v</yel>erbose info |
scp -P 8080 | Uses a specific <yel>P</yel>ort |
scp -B | <yel>B</yel>atch mode (Prevents password) |
scp -p | <yel>P</yel>reserves times and modes |
Host server1
HostName 192.168.1.5
User root
Port 22
IdentityFile ~/.ssh/server1.key
Launch by alias
$ ssh server1
See: Full Config Options
$ ssh -J proxy_host1 remote_host2
$ ssh -J user@proxy_host1 user@remote_host2
Multiple jumps
$ ssh -J user@proxy_host1:port1,user@proxy_host2:port2 user@remote_host3
$ ssh-copy-id user@server
Copy to alias server
$ ssh-copy-id server1
Copy specific key
$ ssh-copy-id -i ~/.ssh/id_rsa.pub user@server
SSH keygen
$ ssh-keygen -t rsa -b 4096 -C "your@mail.com"
| - | - | - |
|---|---|---|
-t | Type of key | |
-b | The number of bits in the key | |
-C | Provides a new comment |
{.left-text}
Generate an RSA 4096 bit key with email as a comment
Generate a key interactively
$ ssh-keygen
Specify filename
$ ssh-keygen -f ~/.ssh/filename
Generate public key from private key
$ ssh-keygen -y -f private.key > public.pub
Change comment
$ ssh-keygen -c -f ~/.ssh/id_rsa
Change private key passphrase
$ ssh-keygen -p -f ~/.ssh/id_rsa
- rsa
- ed25519
- dsa
- ecdsa
Search from known_hosts
$ ssh-keygen -F <ip/hostname>
Remove from known_hosts
$ ssh-keygen -R <ip/hostname>
- PEM
- PKCS8
SSH Tunneling
| Option | Description |
|---|---|
-L | Local port forwarding |
-R | Remote port forwarding |
-D | Dynamic port forwarding |
-f | Run in background |
-N | Do not execute a remote command |
-g | Allow remote hosts to connect to local forwarded ports |
{.left-text}
more details on flag above with man ssh
# Forward a local port to a remote server
ssh -L local_port:remote_host:remote_port user@ssh_server
# Example: Forward local port 8080 to remote port 80 on example.com
ssh -L 8080:example.com:80 user@ssh_server
# Create a SOCKS proxy on a local port
ssh -D local_port user@ssh_server
# Create a SOCKS proxy on local port 1080 in the background
ssh -f -N -D 1080 user@ssh_server
# Create a local port forwarding tunnel in the background
ssh -f -N -L local_port:remote_host:remote_port user@ssh_server
# Create multiple tunnels in a single SSH command
ssh -L 8080:example.com:80 -L 3306:db.example.com:3306 user@ssh_server
# In background, no command, allow remote host, local port forward, identity_file
ssh -f -N -g -L 8080:example.com:80 -i ~/.ssh/custom_key user@ssh_server
Also see
- OpenSSH Config File Examples (cyberciti.biz)
- ssh_config (linux.die.net)
- man-ssh
相关 Cheat Sheets
Follow Us
We Accept
地址
Level 10b, 144 Edward Street, Brisbane CBD(Headquarter)Level 2, 171 La Trobe St, Melbourne VIC 3000四川省成都市武侯区桂溪街道天府大道中段500号D5东方希望天祥广场B座45A13号Business Hub, 155 Waymouth St, Adelaide SA 5000Disclaimer
JR Academy acknowledges Traditional Owners of Country throughout Australia and recognises the continuing connection to lands, waters and communities. We pay our respect to Aboriginal and Torres Strait Islander cultures; and to Elders past and present. Aboriginal and Torres Strait Islander peoples should be aware that this website may contain images or names of people who have since passed away.
匠人学院网站上的所有内容,包括课程材料、徽标和匠人学院网站上提供的信息,均受澳大利亚政府知识产权法的保护。严禁未经授权使用、销售、分发、复制或修改。违规行为可能会导致法律诉讼。通过访问我们的网站,您同意尊重我们的知识产权。 JR Academy Pty Ltd 保留所有权利,包括专利、商标和版权。任何侵权行为都将受到法律追究。查看用户协议
© 2017-2025 JR Academy Pty Ltd. All rights reserved.
ABN 26621887572