Using SSH

SSH is a powerful tool for remote administration.

Using SSH on your operating system

Linux, FreeBSD, and Mac OS X operating systems should be covered with SSH clients out of the box. Windows 10 began including SSH clients as well. If you use an older version of Windows, you might need to try to use plink instead of the SSH command. (Windows remote administration software is detailed on this page.)

Android users might need to use ConnectBot. Most features are available this way, but the configuration details may differ.

This page mainly deals with the default ssh command on Linux/UNIX. As of later 2018 versions of Windows 10, this command should be available or easily added.

Route SSH through another SSH server

The -J parameter allows you to pass through one server to reach another, useful for reaching a server behind a firewall.

ssh -J user@public.host user@private.host

Using SSH as a jump server for other services

If you have several hosts behind without a public-facing IP, or need a secure tunnel to a LAN for some other reason, you can use an SSH server as a jump server. The -L parameter will make a remote port available on your local system.

Example 1 – access a server on the host that is hosting SSH (using IRC as an example)

ssh -L 56667:192.168.1.15:6667 user@host.name

You should now be able use your IRC cleint and connect to server localhost on port 56667.

Example 2 – make Windows RDP on 192.168.1.15 accessible. Run the following command and connect with your Remote Desktop Protocol client to localhost on port 33890.

ssh -L 33890:192.168.1.15:3389 user@host.name

Example 3 – multiple tunnels to VNC on different host computers:

ssh -L 59001:internalhost1:5900 -L 59002:internalhost2:5900 -L 59003:internalhost3:5900 user@host.name

Now you should be able to use a VNC client to connect to localhost:59001, localhost:59002, and localhost:59003 to reach those discrete internal hosts. This is especially handy because VNC often doesn't include encryption, so SSH makes the VNC protocol more secure.

Copying files across hosts

The SCP command might the simplest way to do this.

• Copy to host: scp file.txt user@host.name:~/file.txt
• Copy from host: scp user@host.name:~/file.txt file.txt

But SSH also offers more complex options for file transmission. One way is to use the dd command:

dd if=file.txt | ssh user@host.name "dd of=file.txt"

This could be useful as part of a more complex script where you continue processing the file after it has been uploaded to the remote host.

Another method might be to use the tee command.

cat file.txt | ssh user@host.name "tee file.txt"

This would both upload the file and display its contents on your screen.

SSH console

You can configure SSH with an escape character, by default ~. The command ~C should give you access to the SSH console, where you can add additional forwards or remove them.