SSH CheatSheet

SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that gives users, particularly system administrators, a secure way to access a computer over an unsecured network.

SSH also refers to the suite of utilities that implement the SSH protocol. Secure Shell provides strong password authentication and public key authentication, as well as encrypted data communications between two computers connecting over an open network, such as the internet.

In addition to providing strong encryption, SSH is widely used by network administrators to manage systems and applications remotely, enabling them to log in to another computer over a network, execute commands and move files from one computer to another.

SSH refers both to the cryptographic network protocol and to the suite of utilities that implement that protocol. SSH uses the client-server model, connecting a Secure Shell client application, which is the end where the session is displayed, with an SSH server, which is the end where the session runs. SSH implementations often include support for application protocols used for terminal emulation or file transfers.

SSH can also be used to create secure tunnels for other application protocols, for example, to securely run X Window System graphical sessions remotely. An SSH server, by default, listens on the standard Transmission Control Protocol (TCP) port 22.

Today, nearly every major network environment including those in governments, large enterprises and financial institutions uses a version of SSH to protect data in transit and let administrators manage systems remotely.

Talk about turning lemons into lemonade. Ylnen was dissatisfied by the lack of security in the rlogin, TELNET, ftp, and rsh protocols, so he devised his own solution. He released the first version of SSH as freeware in July 1995. Adoption exploded. By the end of 1995 there were about 20,000 SSH users. He founded SSH Communications Security by December 1995. By the year 2000, there were about 2 million SSH users. SSH has been assigned to TCP port 22. Many operating systems have SSH software preinstalled, including most versions of Linux, macOS, Solaris, FreeBSD, OpenBSD, NetBSD, and OpenVMS. There are SSH applications for Windows, but they aren't preinstalled and must be installed manually.

The SSH protocol is based on the client-server model. Therefore, an SSH client must initiate an SSH session with an SSH server. Most of the connection setup is conducted by the SSH client. Public key cryptography is used to verify the identity of the SSH server, and then symmetric key encryption and hashing algorithms are used to maintain data transmission in ciphertext. That way, privacy and integrity of data transmission in both directions between the client and server is assured, man-in-the-middle attacks are mitigated.

The steps involved in creating an SSH session go like this:

1. Client contacts server to initiate a connection.
2. The server responds by sending the client a public cryptography key.
3. The server negotiates parameters and opens a secure channel for the client.
4. The user, through their client, logs into the server.

There are different ciphers that can be used for SSH depending on the applications being used. Some of them include:

• CHACHA20
• AES-GCM
• Blowfish-CBC
• AES128-CTR
• AES192-CTR
• AES256-CTR
• Arcfour
• Cast128-CBC

Usually either an implementation of Diffie-Hellman or Elliptic Curve Diffie-Hellman are used to protect the key exchange.

In the world of cryptography, specific ciphers are usually cracked at some point, and new stronger ciphers are developed. So SSH implementations will drop older ciphers and support newer ciphers over time. Therefore, we could still be using SSH thirty or forty years from now. And we all have Ylnen and the password sniffer he discovered to thank for it.

Present in all data centers, SSH ships by default with every Unix, Linux and Mac server. SSH connections have been used to secure many different types of communications between a local machine and a remote host, including secure remote access to resources, remote execution of commands, delivery of software patches, and updates and other administrative or management tasks.

In addition to creating a secure channel between local and remote computers, SSH is used to manage routers, server hardware, virtualization platforms, operating systems (OSes), and inside systems management and file transfer applications.

Secure Shell is used to connect to servers, make changes, perform uploads and exit, either using tools or directly through the terminal. SSH keys can be employed to automate access to servers and often are used in scripts, backup systems and configuration management tools.

Designed to be convenient and work across organizational boundaries, SSH keys provide single sign-on (SSO) so that users can move between their accounts without typing a password each time.

While playing pivotal roles in identity management and access management, SSH does more than authenticate over an encrypted connection. All SSH traffic is encrypted. Whether users are transferring a file, browsing the web or running a command, their actions are private.

While it is possible to use SSH with an ordinary user ID and password as credentials, SSH relies more often on public key pairs to authenticate hosts to each other. Individual users must still employ their user ID and password -- or other authentication methods -- to connect to the remote host itself, but the local machine and the remote machine authenticate separately to each other. This is accomplished by generating a unique public key pair for each host in the communication. A single session requires two public key pairs: one public key pair to authenticate the remote machine to the local machine and a second public key pair to authenticate the local machine to the remote machine.

# Connect to a server (default port 22)
ssh [email protected]

Connect on a specific port
ssh [email protected] -p 8888

# Connect via pem file (0400 permissions)
ssh -i /path/file.pem [email protected]

# Executes remote command
ssh [email protected] 'ls -l'

# Invoke a local script
ssh [email protected] bash < helloWorld.sh

# Compresses and downloads from a server
ssh [email protected] "tar cvzf - ~/source" > output.tgz

# Copies from remote to local
scp user@server:/dir/file.ext dest/


# Copies between two servers
scp user@server:/file user@server:/dir


# Copies from local to remote
scp dest/file.ext user@server:/dir


# Copies a whole folder
scp -r user@server:/dir dest/


# Copies all files from a folder
scp user@server:/dir/* dest/


# Copies from a server folder to the current folder
scp user@server:/dir/* .

Host server1 
  HostName 192.168.1.5
  User root
  Port 22
  IdentityFile ~/.ssh/server1.key


# Launch by alias
ssh server1

ssh -J proxy_host1 remote_host2
ssh -J user@proxy_host1 user@remote_host2

# Multiple jumps
ssh -J user@proxy_host1:port1,user@proxy_host2:port2 user@remote_host3

ssh-copy-id user@server

# Copy to alias server
ssh-copy-id server1

# Copy specific key
ssh-copy-id -i ~/.ssh/id_rsa.pub user@server

ssh-keygen -t rsa -b 4096 -C "[email protected]" 

# Search from known_hosts
ssh-keygen -F 

# Remove from known_hosts
ssh-keygen -R 

# Generate a key interactively
$ ssh-keygen

# Specify filename
$ ssh-keygen -f ~/.ssh/filename

# Generate public key from private key
$ ssh-keygen -y -f private.key > public.pub

# Change comment
$ ssh-keygen -c -f ~/.ssh/id_rsa

# Change private key passphrase
$ ssh-keygen -p -f ~/.ssh/id_rsa

• rsa
• ed25519
• dsa
• ecdsa

• PEM
• PKCS8