

SSH Commands / Tricks - julian37
http://blog.urfix.com/25-ssh-commands-tricks/

======
raffi
One of my favorites, from:
[http://www.phrack.org/issues.html?issue=64&id=4&page...](http://www.phrack.org/issues.html?issue=64&id=4&page=2)

See: An almost invisible ssh connection

    
    
         ssh -T user@host /bin/bash -i
    

This connects you to a box with no TTY allocation. If someone types 'w', they
will not see your connection.

~~~
alnayyir
Okay, you've done the trick, now what's the reveal? How do you readily detect
someone who has started their shell without TTY allocation?

~~~
timtadh
if you are running sshd on port 22 this will show you all connections going
into it

    
    
        sudo lsof -i :22
    

you can then reverse what people are doing based on the pids lsof gives you.

[edit: using ps ax | grep sshd also works but you can't see where they are
connecting from. [+1 daten]]

------
chrisbroadfoot
Seems to be down.

Text only cache:
[http://webcache.googleusercontent.com/search?q=cache:http://...](http://webcache.googleusercontent.com/search?q=cache:http://blog.urfix.com/25-ssh-
commands-tricks/&hl=en&strip=1)

~~~
ronnier
My cache got it also, and it's easier to read:
[http://viewtext.org/article?url=http://blog.urfix.com/25-ssh...](http://viewtext.org/article?url=http://blog.urfix.com/25-ssh-
commands-tricks/)

------
phreeza
I know its a small difference, but I am happy this title doesn't imply I don't
know these tricks yet, as some articles of this kind tend to do.

~~~
yoak
That's an excellent litmus test on whether there is likely to be anything
actually valuable there. On the other hand, I wonder how much more traffic
they might get from the people who visit just to affirm, "I do too know
them..." :-)

------
pixdamix
This list is missing sshuttle: <https://github.com/apenwarr/sshuttle>

sshuttle is a transparent proxy server that works as a poor man's VPN.
Forwards over ssh. Doesn't require admin access. Works with Linux and MacOS.

Avery Pennarun is a Hero :)

~~~
pmjordan
Wow, this is fantastic, thanks! I was looking for something like this a while
ago and the closest I could find was transocks, which is Linux-only, not
overly stable, not actively maintained, and TCP-only.

~~~
pixdamix
sshuttle is currently TCP-only i remember seeing some people discussing about
UDP, and DNS forwarding on top of sshuttle but it hasn't gotten very far.

------
amccloud
They may want to change their DB username and password ASAP.

<http://blog.urfix.com/wp-config.php>

I can see their config in plain text.

------
varjag
Also, use

    
    
      ~.
    

to terminate a stalled session.

~~~
1amzave
The tilde-escape offers significantly more than just termination, actually.
Hit '~?' for the available escape sequences:

    
    
      Supported escape sequences:
        ~.  - terminate connection (and any multiplexed sessions)
        ~B  - send a BREAK to the remote system
        ~C  - open a command line
        ~R  - Request rekey (SSH protocol 2 only)
        ~^Z - suspend ssh
        ~#  - list forwarded connections
        ~&  - background ssh (when waiting for connections to terminate)
        ~?  - this message
        ~~  - send the escape character by typing it twice
      (Note that escapes are only recognized immediately after newline.)
    

If you open the command line (~C), another '?' shows its available commands:

    
    
      ssh> ?
      Commands:
            -L[bind_address:]port:host:hostport    Request local forward
            -R[bind_address:]port:host:hostport    Request remote forward
            -KR[bind_address:]port                 Cancel remote forward

------
vog
The site is currently down. Why is it so hard for most blog software to do the
most basic thing of the web: delivering static content?

~~~
shiftpgdn
Because the author made the same mistake so many Wordpress users do which is
going absolutely crazy with add-ons. I managed to get the page to load after
about 3 minutes and I can count at least 8-9 add-ons he is using that are
sucking up tons of server resources. The owner of this blog would be extremely
well served by removing unnecessary add-ons and installing something like WP
Super Cache to serve content significantly faster and lower the server load.

For security he might want to relocate the admin login URL as well since he
still has it set to /wp-admin/ .

~~~
amackera
What additional security does relocating the admin login buy?

~~~
jimwise
Like running sshd on another port (to stay on topic), it doesn't make the
service more secure against someone who knows it's there, but it makes it less
visible to automated scripts probing the standard location for known bugs.

------
yatsyk
cool list, thank you!

Previous ssh fu posts:

<http://news.ycombinator.com/item?id=1536126>

<http://news.ycombinator.com/item?id=874666>

<http://news.ycombinator.com/item?id=1624010>

~~~
alien_acorn
<http://news.ycombinator.com/item?id=1923170>

------
ljlolel
I have been looking for solutions to some of these things forever:

21) Have an ssh session open forever

autossh -M50000 -t server.example.com ‘screen -raAd mysession’

Open a ssh session opened forever, great on laptops losing Internet
connectivity when switching WIFI spots.

24) Transfer SSH public key to another machine in one step

ssh-keygen; ssh-copy-id user@host; ssh user@host

This command sequence allows simple setup of (gasp!) password-less SSH logins.
Be careful, as if you already have an SSH keypair in your ~/.ssh directory on
the local machine, there is a possibility ssh-keygen may overwrite them. ssh-
copy-id copies the public key to the remote host and appends it to the remote
account’s ~/.ssh/authorized_keys file. When trying ssh, if you used no
passphrase for your key, the remote shell appears soon after invoking ssh
user@host.

25) Copy stdin to your X11 buffer

ssh user@host cat /path/to/some/file | xclip

~~~
danielh
25a) Copy stdin to clipboard on Mac

ssh user@host cat /path/to/some/file | pbcopy

------
mvalle
When I first got my netbook, I sometimes set up an ssh media server to stream
music from my main computer to my netbook like this:

ssh user@host cat /path/to/music-collection | mplayer

------
softbuilder
> i think that is the fastest and best way to migrate a DB to a new server!

Except that your mysql password is now in your history?

~~~
mdwrigh2
Just put a space before you execute the command, then it doesn't get saved in
history. Alternatively, delete it from your history file as the other
commenter suggests.

~~~
gahahaha
I don't have a box to test this on right now, but you might have to set
HISTCONTROL=ignorespace for that to work.

~~~
mdwrigh2
At least under ZSH (on Ubuntu), I don't appear to have the HISTCONTROL
environment variable set and yet it still ignores anything prepended with a
space.

------
jackowayed
If you're on OS X, you can get ssh-copy-id through homebrew. (And if you're on
OS X and not using homebrew, go install it now:
<https://github.com/mxcl/homebrew> )

~~~
marchdown
It's clunky. How is it better than compiling for yourself or using Apple-
blessed MacPorts?

~~~
jackowayed
Compiling it yourself takes a lot more work than `brew install ssh-copy-id`.

Here's a pretty good expression of the main complaint I've heard about
MacPorts:

> _The system [homebrew] is much better than MacPorts, the idea is that for
> example, Mac OS X comes with python installed. Brew will try to use the
> default python installation instead of trying to make it's own in
> /usr/opt/whatever ... so, homebrew premise, is to respect the Mac OS X
> installed packages and use them to it's favor + respecting the Mac OS X
> structure ( don't re create a whole new structure like fink and mac ports )_

\- [http://stackoverflow.com/questions/189912/what-package-
manag...](http://stackoverflow.com/questions/189912/what-package-manager-do-
you-prefer-for-mac-os-x)

An added bonus is that things tend to install way faster because it's not
compiling all of this stuff that OS X came with.

~~~
marchdown
Last time I tried to use it I was burned when it came to removing packages.
Sure, I can remove them by hand, but then what good is my _package management
system_? The hairier installation is, the more configuration files it creates
and modifies all over the system, the more urgent is the need for reliable
management system. And there are packages that can't not write all over the
system. SSH is one. Sage's another.

------
scrrr
Useful post!

Does anyone know: Is it recommended to mount a directory via sshfs? My idea:
Mount whole server filesystems into /mnt/servers/<server_ip> ... and then
conveniently work with it using desktop tools.

Can it be done? What are the downsides to that?

~~~
woogley
The biggest thing to remember is that any command you run will be in a local
context. For example, if you want to do things like updating a SVN repo that's
located on the server you've mounted, you should SSH directly into the server
and perform it. Otherwise, your _local_ SVN software will try to read in tons
of files FROM the server to establish changes in the checkout before it can
even try to commit. This can be very slow!

~~~
askedrelic
^^Very good point.

On OSX with MacFuse and SSHFS, I've done plenty of remote work before on LAN
servers and "internet" servers. It definitely works, but is slow. But for
being able to open up a "local" file in Vim/text editor and then save it, the
only time you are hitting the network is during the save and that can be slow.

Transmit 4 integrated this functionality into their FTP client, auto-mounting
of SSH connections, but it definitely seems more crashy than MacFuse to me.

~~~
fragmede
If remote editing vim is your _only_ requirement, it should be noted that up-
to-date versions of vim will handle scp://, as in "vim
scp://hostname/file_to_edit". (Emacs users have Fish) (you should already have
ssh keys setup)

~~~
Nick_C
Thanks for that. You've just removed 90% of my use cases for opening an actual
shell on the remote server.

I've been using vim for a decade or more. I guess it's a salutary lesson for
experienced users. I should read the Changelog more carefully when upgrading.

------
kree10
One cool application of ssh port forwarding missing from the list is
<https://github.com/progrium/localtunnel>

It lets you temporarily give a behind-the-firewall web server a public, port
80 URL.

~~~
yogsototh
I use

    
    
      ssh -D9999 user@remotehost.com
    

And now I have a local SOCKS proxy running. I just have to change the proxy
configuration in my browser using SOCKS4a at localhost:9999 and I can surf as
if I were on remotehost

~~~
arihelgason
This is really useful. And if you do

    
    
      ssh -ND 9999
    

it doesn't open a shell.

This may stop you from accidentally shutting down your tunnel thinking it's
just another ssh session.

------
vog
There's a little typo in item 5:

"Will allow you to mount a folder _security_ over a network."

I guess the author meant instead:

"Will allow you to mount a folder _securely_ over a network."

------
samratjp
github does some impressive backend work with SSH - I was amazed when I read
about their architecture <https://github.com/blog/530-how-we-made-github-fast>

------
MrMatt
Interesting stuff, but can you clip the number from the title, please?

------
konad
> When ssh is the foundation of your security architecture, you know things
> aren't working as they should.

Rob Pike

[http://interviews.slashdot.org/article.pl?sid=04/10/18/11532...](http://interviews.slashdot.org/article.pl?sid=04/10/18/1153211)

~~~
seanl
If you read the context, this isn't really a specific criticism of ssh, but
rather a general criticism of Unix's network model (or lack of it). Maybe we
should all be using Plan 9, but as we're not ssh helps a lot.

~~~
konad
I know, I'm a long time plan9 user, I know what it _could_ be like.

------
jeberle
26\. $ ~<Ctrl-Z> # suspend current SSH session

Very useful.

