SSH: 12 Tricks You Probably Don’t Know¶

Every developer uses SSH, but most only know ssh user@host. Here are 12 extra tricks.

1. SSH Config¶

~/.ssh/config¶

Host prod HostName 10.0.1.50 User deploy IdentityFile ~/.ssh/prod_key

2. Local Port Forward¶

ssh -L 5432:localhost:5432 prod

3. Reverse Tunnel¶

ssh -R 8080:localhost:3000 remote-server

4. SOCKS Proxy¶

ssh -D 1080 prod

5. Jump Host¶

ssh -J bastion prod-internal

6. Multiplexing¶

Host * ControlMaster auto ControlPath ~/.ssh/sockets/%r@%h-%p ControlPersist 600

7. rsync over SSH¶

rsync -avz –progress ./dist/ prod:/var/www/

8. Agent Forwarding¶

ssh -A bastion

9. Escape Sequences¶

~. terminates a frozen session ~? lists escape sequences

10. Parallel Commands¶

for host in web{1..5}; do ssh $host “uptime” &; done; wait

11. Ed25519 Keys¶

ssh-keygen -t ed25519 -C “[email protected]”

12. Fail2ban¶

[sshd] enabled = true maxretry = 3 bantime = 3600

Tip¶

Disable password authentication, use Ed25519 keys and Fail2ban.