ssh is a tool that almost every Linux user will come across when working on multiple systems. OpenSSH (developed by OpenBSD) is rather simple to use for the purpose of remote login, but there’s a wealth of options and features that can make ssh do so much more.
THE BASIC COMMAND
SSH is usually invoked as follows: ssh user@remote_machine. An example would be ssh firstname.lastname@example.org or **ssh email@example.com **; You’re prompted to enter a password, guess correctly and you’re in! Simple as that.
THE BASIC OPTIONS
-p port :: to specify a port other than standard 22. e.g. ssh -p 6593 firstname.lastname@example.org
*-i *keyfile **:: to specify a public key for key based authentication
-e character **:: to specify an escape character (~ is default); escape character + ‘.’ will close connection. **e.g. ssh -e @ email@example.com
-o **option **:: to specify a unique config option not in the config file, for this session only. **e.g. ssh -o ‘LogLevel INFO’ firstname.lastname@example.org **
-X :: Enable X11 Forwarding (if remote machine allows in their sshd_config), you can now open x applications from the command line that are running on the remote machine, but appear on your local machine.
PORT FORWARDING WITH SSH
-D *[optionalbindaddress:]port ***:: Dynamic port forwarding with a SOCKS5 Proxy. This is useful when you want to browse securely out of the house. Once the command is run, simply change browser settings to use a SOCKS proxy on localhost with whatever port you decide. Add the -N command to not execute a remote command (essentially: set up the forwarding only). **e.g. ssh -D 8080 email@example.com -N **
-L **clientport**:hostname:hostport :: Local port forwarding between a client. Forward the host port from the host to your local port. For example, to access a web server from a remote machine on your local machine (say, you wanted to access a work project from home), you would do: ssh firstname.lastname@example.org -L 80:**workmachine.net:80 -N **
-R remoteport:localhost:localport:: Reverse SSH tunneling with a client. Forward your local port to the remote server. With the same example, we want to give access to my local web server to one of my remote machines (they can connect to it by connecting to localhost:8080 with this setup) : ssh email@example.com -R 8080:localhost:80
There’s definitely more to SSH than meets the eye. There’s also IP forwarding with the -w option by creating tun interfaces (a future post, maybe).