We assume you know what it is and how to use the SSH command to normally connect to a server.
Suppose we have a server “myserver>/em>” where we can connect with user “myuser”
SSH Command and Private key
If we have not yet created our ssh public/private keys, I would say that it’s time to do so via the command
The generated keys are under $HOME/.ssh/id* and the public ends with .pub
At this point, the ssh client will attempt to connect first with public key and if it is not possible, it will use the next available authentication.
To copy the key to the server “myserver” you must first add the public key to the ssh authentication agent (ssh-agent).
Suppose the agent has been automatically activated by the graphics session(gnome or kde do it automatically), we check that it is active with the command
If not, we use a shell that encloses it with the command:
At this point we add, unlocking, the ssh key
To import the key on the host “myserver” we use the command
Private password change
Suppose you want to change the private key password at some point. Just the simple command
How to launch a remote ssh command
To launch a remote command just pass it as the last parameter to the ssh command.
For example, suppose you want the file list on the home page
ssh myuser@myserver ls -alh
However, to back up the entire home with the tar command and save it all locally via the ssh command, let’s launch
ssh myuser@myserver tar czvf - . >mybackup.tgz
Use ssh as SOCKS5 server/proxy
Suppose you want to use “myserver” as a server/proxy socks5 and configure it on the local browser
ssh mioutente@mioserver myuser@myserver:~$ ssh -N -D 8080 localhost
At this point, just configure the browser to use the server as SOCK5 on the local 8080 port and navigate
Add ssh option “-f” to leave the command in the background.
How to redirect a remote connection locally via ssh
Suppose the host “myserver” is allowed to log on to a DMZ to the server farm’s mysql server.
In order to access the mysql server with the local computer, we can launch the command
ssh -L 3333:mysql_server_name_o_ip:3306 myuser@myserver
Leaving the active command, now have an encrypted tunnel between the local computer and “myserver” on the local port 3333 which connects directly to the mysql server in DMZ.
We can then connect directly to the mysql server with the command
mysql -P 3333 -h 127.0.0.1 -u myusermysql -p mydatabasemysql
Or if you prefer to use phpMyAdmin just install it locally and configure it on local port 3333.
To remove the encrypted channel just close the ssh connection.
Redirect a local service remotely
Suppose we want to connect from home to the office PC (which can access the server myserver in server farm) that can not be accessed even via VPN. To do this, enough, from the office PC we launch the ssh command:
ssh -N -f -R 2222:localhost:22 miyuser@myserver
Let’s leave it on (without turning off the computer).
From home just enable VPN to reach “myserver”
ssh myuser@myserver myuser@myserver:~$ ssh -P 2222 user_work_pc@localhost user_work_pc@localhost:~$
In this way, you can enter to the office PC from home.