Secure Shell (mainly used under Linux or Mac)#
ssh [options] user@192.168.1.33 [command] -X X11 forwarding (uppercase X) -Y Trusted X11 forwarding (for firefox) (uppercase Y) -p port# (lowercase p) -C compression (uppercase) Exit connection with: ~.
Copying files#
scp [options] root@192.168.1.33:/home/file . -r recursively copy sub-directories -p preserve file times -P port# -q no progress meter -C compressionUnder Windows:
pscp -ls user@192.168.1.2:/ list files pscp root@192.168.2.2:/home/file .
Preventing auto-logout when not in use#
Edit ~/.ssh/config and add the following line:
ServerAliveInterval 60
X11 Access#
Start ssh with -X
Once in a terminal do: xterm & or gnome-terminal &
Server access without a password#
There is a way to create a public/private key such that you never have to use passwords when using any of the Arahant servers. You'll be able to connect /use / copy files, etc. as if it were a local machine (without having to enter password with each command). To set this up do the following.
The following commands are executed from a Cygwin/bash shell on your Windows box:
ssh-keygen -t rsa -b 4096 -C 'your machine / use name id'Just hit <enter> for all questions.
This will create two files representing your public and private keys in the directory /home/USER/.ssh (USER is your name) as follows:
id_rsa private key id_rsa.pub public keyThe Cygwin path /home/USER/.ssh is equivalent to the Windows path \Cygwin\home\USER\.ssh
The file "id_rsa" is a private key. It should not be given out or copied to another machine. It should be protected in every way possible. Go through the Windows file browser and take away the "Everyone" access to that file. Also set the "Encrypt" attribute on the file.
You must copy the file "id_rsa.pub" to each machine you wish to use without a password. The file should be copied (and renamed) to:
/home/USER/.ssh/authorized_keys2Once that file is in place you will be able to ssh, scp, etc. and the system will no longer prompt you for a password.
You can see who is authorized via:
awk '{ print $3 $4 $5 $6 }' authorized_keys2
Creating an SSH Tunnel#
ssh root@33.33.33.33 -L 2000:localhost:80
This means login in to machine at 33.33.33.33 as root and map their port 80 to your local port 2000. Thereafter, you can access their local port 80 through your local port 2000. Thus you would use:
http://localhost:2000
You can cause the ssh tunnel to run in the background by adding the following options:
-N -f
You can then use ps and kill to stop it.
Use the following option to allow the local port to be used by others on your local network:
-g
Others would then be able to access the remote machine using the IP address and port of the local machine.