SSH Cheatsheet

By Dejan Panovski Updated on Download PDF

Quick reference for SSH commands and configuration

SSH (Secure Shell) is a protocol for securely connecting to remote systems. This cheatsheet covers common SSH commands for connecting, file transfer, tunneling, and key management.

Basic Connection

Connect to remote servers.

CommandDescription
ssh user@hostConnect to host
ssh hostConnect with current username
ssh -p 2222 user@hostConnect on custom port
ssh user@host commandRun command on remote host
ssh -v user@hostVerbose mode (debug)
ssh -q user@hostQuiet mode

SSH Keys

Generate and manage SSH keys.

CommandDescription
ssh-keygenGenerate SSH key pair
ssh-keygen -t ed25519Generate Ed25519 key
ssh-keygen -t rsa -b 4096Generate 4096-bit RSA key
ssh-keygen -p -f ~/.ssh/id_ed25519Change key passphrase
ssh-keygen -y -f ~/.ssh/id_ed25519Show public key
ssh-keygen -R hostnameRemove host from known_hosts

Copy SSH Key

Set up passwordless authentication.

CommandDescription
ssh-copy-id user@hostCopy key to remote host
ssh-copy-id -i ~/.ssh/key.pub user@hostCopy specific key
ssh-copy-id -p 2222 user@hostCopy key on custom port

SSH Agent

Manage SSH keys in memory.

CommandDescription
eval "$(ssh-agent -s)"Start SSH agent
ssh-addAdd default key to agent
ssh-add ~/.ssh/id_ed25519Add specific key
ssh-add -lList keys in agent
ssh-add -d ~/.ssh/id_ed25519Remove key from agent
ssh-add -DRemove all keys

SCP (Secure Copy)

Copy files over SSH.

CommandDescription
scp file user@host:/pathCopy file to remote
scp user@host:/path/file .Copy file from remote
scp -r dir user@host:/pathCopy directory recursively
scp -P 2222 file user@host:/pathCopy on custom port
scp -C file user@host:/pathCopy with compression
scp -p file user@host:/pathPreserve timestamps

SFTP

Interactive file transfer.

CommandDescription
sftp user@hostConnect to host
sftp -P 2222 user@hostConnect on custom port
get fileDownload file (in sftp)
put fileUpload file (in sftp)
ls, cd, pwdNavigate remote (in sftp)
lls, lcd, lpwdNavigate local (in sftp)

SSH Tunneling

Create secure tunnels.

CommandDescription
ssh -L 8080:localhost:80 user@hostLocal port forwarding
ssh -R 8080:localhost:80 user@hostRemote port forwarding
ssh -D 1080 user@hostSOCKS proxy (dynamic)
ssh -N -L 8080:localhost:80 user@hostTunnel only (no shell)
ssh -f -N -L 8080:localhost:80 user@hostBackground tunnel

SSH Config File

Simplify connections with config.

ConfigDescription
~/.ssh/configUser config file
Host myserverDefine host alias
HostName 192.168.1.100Server address
User adminUsername
Port 2222Custom port
IdentityFile ~/.ssh/mykeyPrivate key path

Connection Options

Common SSH options.

OptionDescription
-p portCustom port
-i keyfileIdentity file (private key)
-o option=valueSet config option
-F configfileCustom config file
-J jumphostJump through host (ProxyJump)
-XEnable X11 forwarding
-AEnable agent forwarding

Security Options

Harden SSH connections.

OptionDescription
-o StrictHostKeyChecking=yesStrict host key check
-o UserKnownHostsFile=/dev/nullIgnore known hosts
-o PasswordAuthentication=noDisable password auth
-o PubkeyAuthentication=yesEnable key auth
-o ConnectTimeout=10Connection timeout

Multiplexing

Reuse SSH connections.

ConfigDescription
ControlMaster autoEnable multiplexing
ControlPath ~/.ssh/sockets/%r@%h-%pSocket path
ControlPersist 600Keep connection for 10 min
ssh -O check user@hostCheck connection status
ssh -O exit user@hostClose master connection

Common Patterns

Frequently used combinations.

CommandDescription
ssh -t user@host 'sudo command'Run sudo command
ssh user@host 'cat file' > localCopy output to local
tar czf - dir | ssh user@host 'tar xzf -'Copy dir via tar
ssh -J jump user@destConnect via jump host
ssh user@host -L 3306:localhost:3306MySQL tunnel