Secure Shell (mainly used under Linux or Mac)#

ssh  [options]  user@192.168.1.33  [command]

	-X	X11 forwarding (uppercase X)
	-Y	Trusted X11 forwarding (for firefox) (uppercase Y)
	-p port#  (lowercase p)
	-C	compression (uppercase)


Exit connection with:    ~.

Copying files#

scp  [options]  root@192.168.1.33:/home/file .

	-r	recursively copy sub-directories
	-p	preserve file times
	-P port#
	-q	no progress meter
	-C	compression
Under Windows:
	pscp  -ls  user@192.168.1.2:/		list files
	pscp  root@192.168.2.2:/home/file .

Preventing auto-logout when not in use#

Edit ~/.ssh/config and add the following line:

    ServerAliveInterval 60

X11 Access#

Start ssh with -X

Once in a terminal do: xterm & or gnome-terminal &


Server access without a password#

There is a way to create a public/private key such that you never have to use passwords when using any of the Arahant servers. You'll be able to connect /use / copy files, etc. as if it were a local machine (without having to enter password with each command). To set this up do the following.

The following commands are executed from a Cygwin/bash shell on your Windows box:

    ssh-keygen -t rsa -b 4096 -C 'your machine / use name id'
Just hit <enter> for all questions.

This will create two files representing your public and private keys in the directory /home/USER/.ssh (USER is your name) as follows:

    id_rsa        private key
    id_rsa.pub    public key
The Cygwin path /home/USER/.ssh is equivalent to the Windows path \Cygwin\home\USER\.ssh

The file "id_rsa" is a private key. It should not be given out or copied to another machine. It should be protected in every way possible. Go through the Windows file browser and take away the "Everyone" access to that file. Also set the "Encrypt" attribute on the file.

You must copy the file "id_rsa.pub" to each machine you wish to use without a password. The file should be copied (and renamed) to:

    /home/USER/.ssh/authorized_keys2
Once that file is in place you will be able to ssh, scp, etc. and the system will no longer prompt you for a password.

You can see who is authorized via:

	awk '{ print $3 $4 $5 $6 }'  authorized_keys2

Creating an SSH Tunnel#

        ssh  root@33.33.33.33  -L 2000:localhost:80 

This means login in to machine at 33.33.33.33 as root and map their port 80 to your local port 2000. Thereafter, you can access their local port 80 through your local port 2000. Thus you would use:

        http://localhost:2000

You can cause the ssh tunnel to run in the background by adding the following options:

        -N -f

You can then use ps and kill to stop it.

Use the following option to allow the local port to be used by others on your local network:

        -g

Others would then be able to access the remote machine using the IP address and port of the local machine.

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-3) was last changed on 09-Sep-2013 09:06 by BlakeMcBride