StratusQuo
Posts Tags Categories Series
StratusQuo

Unlocking the Full Potential of SSH: Advanced Commands You Should Know

Uncover SSH's hidden superpowers 🚀

 published in   SSH
  Part 1 of the Advanced SSH series.
     1182 words  6 minutes 
./1280px_Open_BSD_starting_SSH_server_b12bfe6090.jpg
Series - Advanced SSH

SSH, or Secure Shell, is a versatile tool that allows you to securely interact with remote systems. Whether you’re a system administrator, developer, or a techie who loves to tinker with servers, you’ve probably used commands like ssh user@host to log into a remote machine or scp to transfer files.

But did you know that SSH has a treasure trove of lesser-known features that can make your life a lot easier and your work more efficient?

Below, we’ll dive into some advanced SSH commands and techniques that can prove to be incredibly useful.

Before you start, you should have:

  • A basic understanding of SSH and how to navigate the shell.
  • An SSH client installed on your local machine.
  • Access to a remote server where you can practice these commands.

Ready? Let’s get started!

Creating a new SSH connection every time can be slow.

Picture this: You’ve just SSH-ed into your server and realize you need to open another terminal tab, which means going through the authentication process all over again. It’s especially cumbersome if you’re using password authentication for each session, and need to open multiple tabs.

Wouldn’t it be convenient to have a sort of “Single Sign-On” experience for your SSH sessions? Imagine being able to open a new terminal tab and simply entering ssh <connection> to seamlessly access your server without the need for reauthenticating each time.

Well, that’s precisely what the ControlMaster and ControlPath options allow you to do.

First, establish the “master” connection:

ssh -o ControlMaster=yes -o ControlPath=/tmp/ssh_mux_%h_%p_%r user@host

Now, you can open another terminal and use the established master connection:

ssh -o ControlMaster=no -o ControlPath=/tmp/ssh_mux_%h_%p_%r user@host

Using the -M and -S flags:

Another way is to use -M and -S:

Use -M to start a master connection:

ssh -M -S /tmp/ssh_socket user@host

Use -S to specify the created socket for subsequent connections – here’s an example of running a quick command over an existing connection:

ssh -S /tmp/ssh_socket user@host ls

Voila! Faster subsequent connections.

You can also define a master connection via ~/.ssh/config – for example:

Host my_host
    User root
    HostName 147.168.81.21
    ControlMaster auto
    ControlPath ~/.ssh/sessions/%r@%h:%p

In the above:

  • Host my_host Defines a host alias named “my_host”.
  • User root Specifies the username to be used when logging into the remote host.
  • HostName 147.168.81.21 Specifies the actual hostname to connect to.
  • ControlMaster auto Automatically uses a master connection if one exists but falls back to creating a new connection if it doesn’t. This provides some fault tolerance.
  • ControlPath ~/.ssh/sessions/%r@%h:%p Sets the path for the control socket, using variables for the remote username (%r), hostname (%h), and port (%p).
    • Note: You’ll notice here I put the session in a sessions folder. You can keep your sessions anywhere you like (such as /tmp), but I find this way to be more organized.
    • Storing the sessions this way also adds a layer of security, as the .ssh directory has restrictive permissions.
Warning

Keep in mind, when using a persistent SSH tunnel using ControlMaster and ControlPath, anytime you kill the master ssh connection (the first one you started), you will kill all subsequent connections.

  • Using tmux or screen can be a workaround to this, but we’ll cover those tools later.

  • That said, it’s best to use use ControlMaster only for specific hosts where you frequently make multiple connections.

  • ControlPersist sets a timeout for how long the master connection should stay alive after the last multiplexed session is closed.
    • If you specify a time, like ControlPersist 60, it means the main connection will hang around for an extra amount of time (in this example it would be 60 seconds) after you’ve closed all the other sessions.
    • If you set ControlPersist to yes, then the main connection stays open indefinitely. You’ll need to manually shut it down, use a special command ( -O ), or wait for an automatic timer to kick in and close it.

Ever wanted to expose a local web server to the Internet or access a database that is only reachable from a specific server? Port forwarding is your friend.

For local port forwarding:

ssh -L local_port:remote_host:remote_port user@host

For remote port forwarding:

ssh -R remote_port:local_host:local_port user@host

Using the -J flag

You can also use the -J flag instead, followed by the ‘jump’ server and the destination server:

ssh -J user@jumphost user@destination
Note
While the methods mentioned above can provide quick access to a private server over the internet, they may not always be the most secure or efficient solution. Tools like Tailscale, ZeroTier, or WireGuard can offer a more streamlined and secure approach for safely exposing a private server to the internet.

Need to browse the web securely? A SOCKS proxy via SSH is a handy solution.

Set the -D flag and specify any port not already in use on your local machine, such as in the example below:

ssh -D 8080 user@host

Now, set your browser’s SOCKS proxy to localhost:8080, and you’re good to go.

If you need to run a graphical application from a remote server and display it on your local machine, X11 forwarding is the tool for the job.

First make sure X11 Forwarding is enabled in /etc/ssh/sshd_config on your remote machine by making sure the following line is uncommented:

X11Forwarding yes

Then restart ssh on the remote machine:

service sshd restart

Afterwords, to use X11 forwarding in a session, use the -X flag when connecting to the remote machine:

ssh -X user@host

To test an app (such as xclock) download the x11-apps package:

apt -y install x11-apps

Then run xclock from an X11 enabled session – if you see a clock rendered in a new window, then X11 forwarding is working properly!

Adding the public key of a host you frequently connect to can save you from potential man-in-the-middle attacks.

ssh-keyscan host >> ~/.ssh/known_hosts

Mount a remote directory as a local filesystem, making it easier to manipulate files. Comes in handy when working with remote dev or testing environments.

First you’ll need to install SSHFS:

 Ubuntu

Run:

sudo apt update && sudo apt install sshfs
 MacOS

The easiest way to install is via MacPorts – if you don’t have MacPorts already, you can install it using this guide.

Once you have MacPorts installed, just run:

sudo port install sshfs
 Windows
You can Install SSHFS-Win from here.

Once SSHFS is installed, you can mount a remote directory by running:

sshfs user@host:/remote/directory /local/directory

SSH is more than just a tool to connect to remote servers; it’s a Swiss Army knife for network communication and file management.

Now that you’re armed with these advanced SSH commands and techniques, go ahead and make your workflow more efficient.

Cheers!

Updated on 08/30/2023
Read this post as Markdown
 SSH
Back | Home