2022-11-25

ssh tips

default configuration per host

to not have to specify many options on the command-line, you can set the default user, port and more in the file ~/.ssh/config

Host testhost
Port 321
User testuser
IdentityFile ~/.ssh/private-key

file transfer over ssh

mount a remote directory with sshfs

sshfs somehost:/ /mnt/somedirectory

or use "sftp" which can work interactively

sftp -P 22 someuser@somehost:/

the port option is an uppercase P, unlike with the ssh command where it is lowercase

or use "scp"

log in without having to enter a password

you need a private/public key pair. private keys in general can have an additional password themselves to protect the key. use ssh-copy-id, or append the contents of the public key you want to use to the file ~/.ssh/authorized_keys on the server. then configure ssh to use the key with the IdentityFile option in ~/.ssh/config or specify the path with a command-line option

how to create a private/public key pair

ssh-keygen -t rsa

password can be empty, target is typically ~/.ssh/keyname

chmod 400 ~/.ssh/keyname*

ssh displays an error if the permissions are not limited enough

how to copy the public key with ssh-copy-id

ssh-copy-id comes bundled with openssh

ssh-copy-id -i ~/.ssh/keyname someuser@somehost

how to copy the public key manually to the server

append all contents of the file keyname.pub to the file .ssh/authorized_keys on the server. create the file or directory if it does not exist
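
the manual copy above as a shell function to run on the server. it creates the directory and file with owner-only permissions if missing and appends the key only once. this is an added example, not part of the original notes; the name install_pubkey and its arguments are made up for illustration

```shell
#!/bin/sh
# added example: install_pubkey and its arguments are hypothetical names.
# run on the server as the user who will log in.
install_pubkey() {
    pubkey_file=$1              # for example keyname.pub, already on the server
    ssh_dir=${2:-$HOME/.ssh}    # second argument lets you try it in a scratch directory
    auth_file=$ssh_dir/authorized_keys

    [ -r "$pubkey_file" ] || { echo "cannot read $pubkey_file" >&2; return 1; }

    # guard against pasting the private half by mistake
    if grep -q 'PRIVATE KEY' "$pubkey_file"; then
        echo "$pubkey_file looks like a private key, refusing" >&2
        return 1
    fi

    # create the directory and file if missing, accessible by the owner only
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth_file" && chmod 600 "$auth_file" || return 1

    # if the existing file does not end in a newline, add one so the
    # new key does not get glued onto the last existing line
    if [ -s "$auth_file" ] && [ -n "$(tail -c 1 "$auth_file")" ]; then
        echo >> "$auth_file"
    fi

    # append each key line only if that exact line is not there yet
    while IFS= read -r key || [ -n "$key" ]; do
        [ -n "$key" ] || continue
        grep -qxF -- "$key" "$auth_file" || printf '%s\n' "$key" >> "$auth_file"
    done < "$pubkey_file"
}

# usage: install_pubkey keyname.pub
```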

how to configure ssh to automatically use the key

in ~/.ssh/config

Host testserver
IdentityFile ~/.ssh/keyname

how to select the key manually

ssh -i ~/.ssh/keyname testserver

send shell commands to a remote server

echo "command-string" | ssh hostname

sshd debugging

stop the sshd service. this normally does not close active connections

systemctl stop sshd

start sshd with debugging output

/usr/bin/sshd -d

the full path with /usr/bin is required or sshd will say so and exit. make connections and see the debug output displayed. to finish, exit with ctrl+c and do not forget to start the original sshd service again

systemctl start sshd