SSH (Secure Shell) is a network protocol that enables secure remote connections between two systems. System admins use SSH utilities to manage machines, copy, or move files between systems. Because SSH transmits data over encrypted channels, security is at a high level.
This article will guide you through the most popular SSH commands. The list can also serve as a cheat sheet and will come in handy the next time you need to complete a task.
- An SSH client of your choice
- An SSH server on the remote machine
- The IP address or name of the remote server
How to Access a Remote Server
To connect to a remote machine, you need its IP address or name. Load the terminal or any SSH client and type
ssh followed by the IP address:
The first time you connect to a host, you’ll see this message:
Type yes and hit enter. You may need to enter your password as well.
Specify a Username for SSH connection
SSH uses the current user when accessing a remote server. To specify a user for an SSH connection, run the command in this format:
Note: If you encounter “Connection refused” error, please refer to our guide SSH “Connection Refused” for solutions.
Use a Different Port Number for SSH Connection
By default, the SSH server listens for a connection on port 22. If the port setting in the SSH config file has been changed, you’ll need to specify the port. Otherwise, you will get this error:
To connect to a remote host with a custom SSH port number, use the
-p flag. For example:
ssh test.server.com -p 3322
Generate SSH Keys Using SSH Keygen
To improve the security of SSH connections, generate a key pair with the keygen utility. The pair consists of a public and private key. The public key can be shared, while the private key needs to stay secure.
SSH key pairs are used to authenticate clients to servers automatically. When you create an SSH key pair, there is no longer a need to enter a password to access a server.
On the host machine’s terminal, use this command to create a key pair:
ssh-keygen -t rsa
To use default settings, hit Enter on the prompts for file location and passphrase.
Copy Public SSH Key
To use the key pair for SSH authentication, you’ll need to copy the public key to a server. The key is the file id_rsa.pub previously created with SSH keygen utility.
To copy your key to a server, run this command from the client:
You can also specify a username if you don’t want to use the current user.
Enter the password to authenticate when asked. After this, you will no longer need to use the password to connect to the same server.
Copy a File Remotely over SSH with SCP
You can securely copy files over the SSH protocol using the SCP tool. The basic syntax is:
scp fileName user@remotehost:/home/username/destination
For example, to copy a file sample3 to your Desktop on a remote server with a username test, type in:
scp sample3 firstname.lastname@example.org:/home/test/Desktop
The output shows a summary of the operation.
Make sure to use the uppercase
-P flag if you need to specify the port.
Edit SSH Config File
You can control how remote users can access a server via the SSH. Edit the settings in the
sshd_config file to customize SSH server options. Make sure to edit only the options you are familiar with. A server can become inaccessible due to bad configuration.
Use the editor of your choice to edit the file. You’ll need superuser permissions to make changes. In Linux, we use vim:
In the command line on a remote host, type in:
sudo vim /etc/ssh/sshd_config
Enter the sudo password, and the shell opens the file in the editor you used.
Restart SSH service
When you make changes to the SSH configuration, you’ll need to restart the service in Linux.
Depending on the Linux distro, run one of the following commands on the machine where you modified the settings:
sudo ssh service restart
sudo sshd service restart
Finally, enter the password to complete the process. As a result, the next SSH session will use the new settings.
Basic SSH Commands
Working on a remote server using SSH requires knowing basic SSH commands. Use the commands and options in this article to manage a remote host. Note that you can combine the flags to get the output you need.
Show Working Directory Path
pwd command to show the file system path.
The output displays the location of the directory you are in.
List Files and Directories
To list the contents of a current working folder, use the ls command.
The shell will show the names of all directories, files, and links. To get more information, add one of the following flags:
-adisplays hidden Linux files and entries starting with a dot.
-lshows file details for directory contents. For example, the output includes permissions, ownership, date, etc.
-slists the size of files, in blocks. Add -h to show the size in a humanly-readable form.
To navigate to a specific folder, use the
cd command and a name or path of a directory.
Remember that the names are case sensitive. Use
cd without a name or path to return to the user’s home directory.
cd options include:
cd ..go to the directory one level higher than your current location.
cd -switch to the previous directory.
cd /go to the root directory.
Copy a File
cp command to copy a file or directory. You’ll need to include the name of the file and the target location.
cp fileName /directory/path/destination
To copy file1 from Desktop to Dir1, type in:
cp file1 Dir1
To change the name of file1 while copying it to another destination, use this format:
cp file1 Dir1/Newfile1Name
This command copies file1 to Dir1 with a name you specify.
To copy a directory and its contents, use the -r flag in this format:
cp -r Directory1 NewLocation
Move a File
mv command works in the same manner as the copy command.
For instance, to move a file to another location, type in:
mv fileName directory/path/destination
Create a File
touch command allows you to create a new file with any extension.
In the terminal, enter the following command:
For example, to create a system.log file, type in:
Create a Directory
To create a directory, use the
mkdir command. Enter a new directory name or full path in this format:
Delete a File or Directory
To delete a Linux file , use
rm in this format:
In addition, you can enter a full path:
To delete a directory, add the
-r flag to the rm command.
View Network Information
To view the status of all network adapters, use the
ifconfig command. Moreover, when you don’t use any options with ifconfig, the output displays only active interfaces.
Clear the Terminal Screen
To clear the current working area of your bash screen, type
clear in the shell. This command clears one portion of the screen and shifts up the previous output.
To remove the output from the terminal completely, use the
Run a Command on a Remote Server from a Local Computer
This method does not create a new shell. Instead, it runs a command and returns the user to the local prompt. You can create a file, copy files, or run any other SSH command in this format.
To remotely execute a command from the local machine, append an instruction to the SSH command. For example, to delete a file, type in:
ssh test.server.com rm ~/Desktop/Dir1/sample4
Enter the password, and the file on the remote server will be deleted without creating a new shell.
SSH Command Line Options
The SSH tool comes with many optional parameters. The table below lists common SSH options and the corresponding descriptions.
|-1||Instructs ssh to use protocol version 1|
|-2||Instructs ssh to use protocol version 2.|
|-4||Permits only IPv4 addresses.|
|-6||Permits only IPv6 addresses.|
|-A||Enables authentication agent connection forwarding. Use this option with caution.|
|-a||Disables authentication agent connection forwarding.|
|-b bind_address||Use this option on the local host with more than one address to set the source address of the connection.|
|-C||Enables data compression for all files. Only to be used with slow connections.|
|-c cipher_spec||Use to select a cipher specification. List the values separated by a comma.|
|-E log_fileName||Attaches debug logs to log_file instead of standard error.|
|-f||Sends ssh to background, even before entering a password or passphrase.|
|-g||Permits remote hosts to connect to ports forwarded on a local machine.|
|-q||Runs ssh in quiet mode. It suppresses most error or warning messages.|
|-V||Displays the version of ssh tool and exits.|
|-v||Prints debugging messages for ssh connection. The verbose mode is useful when troubleshooting configuration issues.|
|-X||Use this option to enable X11 forwarding.|
|-x||Disable X11 forwarding.|
This article has covered the 19 most popular commands for using the SSH tool effectively. Now you can manage your server remotely with an added layer of security and have these commands at your fingertips.
Before executing these commands and options on a live server, we do recommend using a test machine first.