From XennisWiki
Jump to: navigation, search

Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers that connects, via a secure channel over an insecure network, a server and a client [...]. (Wikipedia)


Basic usage

ssh <user>

Remote command execution: Run the bash script flash in the directory example/bin

ssh <user> "cd ~/example/bin; bash flash"

X11 forwarding

On the client side active X11 forwarding by adding the line X11Forwarding yes to the /etc/ssh/sshd_config file. When on the server side X11 forwarding is activated as well use for instance (starts Chromium):

ssh -X <user> chromium-browser


Use the verbose parameter ssh -vvv or add to your SSH config LogLevel DEBUG3.


The configuration is stored in the ~/.ssh/config file.

Configure a simple entry

Use ssh example instead of ssh -i ~/.ssh/example.key -p 8089 by configure the connection

Host example
    Port 8089
    User turing
    IdentityFile ~/.ssh/example.key

Configure multiple entries

Host *
    User turing

    Port 80

    Port 70

Multi hop

Host example
    User turing

Host secondHost
    ProxyCommand ssh -q pool example -q0 22
    User einstein

Now ssh secondHost is like execute a ssh and then (on the server) execute ssh


Create key

Use the command ssh-keygen to create a new key (Note: The string in quotation marks is merely a description for the key and does not necessarily need to be an e-mail address).

ssh-keygen -t rsa -b 4096 [-C "<my-mail>"]

The created key you find in the directory ~/.ssh.

Copy public key to server

You can use your key to login on a server instead of using your user password. You have to copy you public key (content of the file into the file ~/.ssh/authorized_keys on the server.

You can use ssh-copy-id

ssh-copy-id <user>

or alternatively

cat ~/.ssh/ | ssh <user> "cat >> ~/.ssh/authorized_keys"

Setup a password for an existing key

Enter the following command and then enter your key (e.g. /home/<user>/.ssh/id_rsa)

ssh-keygen -p

Remove entry from known_hosts file

Remove the entry for the host <host> (e.g. an IP or domain) from the ~/.ssh/known_hosts file

ssh-keygen -f "/home/<user>/.ssh/known_hosts" -R <host>


Secure copy or SCP is a means of securely transferring computer files between a local host and a remote host or between two remote hosts. It is based on the Secure Shell (SSH) protocol. (Wikipedia)

Copy file(s) to remote host

Copy the file file.txt and file2.txt to the host

scp path/to/file.txt file2.txt <user>

Copy file to host and save it with a new name

scp path/to/file.txt <user>

Copy file(s) from remote host

Copy multiple files from host

scp <user>"~/path/file1.txt ~/path/file2.txt" ./

Copy directory from host

scp -r <user> ./

Using rsync instead and keep directory structure

rsync -r --relative example-files.* some-dir path/to/a/dir <user>




  • Download OpenSSH
  • For detailed instructions for the following steps see quickstart.txt (located in the installations folder)
    • Start > cmd.exe
mkgroup -l >> ..\etc\group
mkpasswd -l -u USERNAME >> ..\etc\passwd


see Cygwin packets


The program WinSCP provides a graphical interface for SCP, so files can be copied via drag and drop.


see Eclipse Integration von FTP und SCP

Error and problems

Permissions are too open

Error message
Permissions 0777 for '.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
chmod 400 ~/.ssh/id_rsa

Bad owner or permissions on ~/.ssh/config

Error message
Bad owner or permissions on ~/.ssh/config
chmod 400 ~/.ssh/config

See also

External links