Skip to content

Instantly share code, notes, and snippets.

@tomschall

tomschall/ssh-cheat-sheet.md

Created March 11, 2025 13:06
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save tomschall/cdf4789325340306ec0977eee30f4d25 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save tomschall/cdf4789325340306ec0977eee30f4d25 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ssh-cheat-sheet.md

πŸš€ SSH Cheat Sheet

A handy reference for ssh, ssh-keygen, and ssh-agent commands.

πŸ”‘ SSH Basics

Connect to a remote server

ssh user@remote-server.com

Connect with a specific port

ssh -p 2222 user@remote-server.com

Run a command on a remote server

ssh user@remote-server.com "ls -lah /var/www"

Enable verbose mode (debugging connection issues)

ssh -v user@remote-server.com

Use a specific SSH key

ssh -i ~/.ssh/custom_key user@remote-server.com

Add an SSH configuration for easy access (~/.ssh/config)

Host myserver
    HostName remote-server.com
    User myuser
    Port 2222
    IdentityFile ~/.ssh/id_rsa
    ForwardAgent yes

➑ Now you can simply run:

ssh myserver

πŸ”‘ SSH Key Management (ssh-keygen)

Generate a new SSH key (RSA 4096-bit)

ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

Generate an ED25519 SSH key (stronger & faster than RSA)

ssh-keygen -t ed25519 -C "your_email@example.com"

View the public key (copy this to add to servers like GitHub/GitLab)

cat ~/.ssh/id_rsa.pub

Add your SSH key to a remote server (manually)

ssh-copy-id user@remote-server.com

Remove a passphrase from an existing SSH key

ssh-keygen -p -f ~/.ssh/id_rsa

Change the passphrase of an SSH key

ssh-keygen -p -f ~/.ssh/id_rsa -N "new_passphrase"

Convert OpenSSH to PEM format (for some legacy systems)

ssh-keygen -p -m PEM -f ~/.ssh/id_rsa

πŸ”„ SSH Agent (ssh-agent)

Start the SSH agent (Linux/macOS)

eval "$(ssh-agent -s)"

Add an SSH key to the agent

ssh-add ~/.ssh/id_rsa

List loaded SSH keys

ssh-add -l

Remove all SSH keys from the agent

ssh-add -D

Store SSH key in macOS Keychain (persistent across reboots)

ssh-add --apple-use-keychain ~/.ssh/id_rsa

Enable automatic loading of keys on macOS

echo "Host *\n  UseKeychain yes\n  AddKeysToAgent yes" >> ~/.ssh/config

🌐 SSH Tunneling & Port Forwarding

Local port forwarding (access a remote service locally)

ssh -L 8080:localhost:80 user@remote-server.com

Now, you can open http://localhost:8080 to access remote port 80.

Remote port forwarding (expose a local service to the remote server)

ssh -R 9090:localhost:3000 user@remote-server.com

This makes local port 3000 available as remote-server.com:9090.

Dynamic (SOCKS) Proxy

ssh -D 9090 user@remote-server.com

This sets up a SOCKS proxy on localhost:9090.

🎯 Miscellaneous

Test SSH connection without executing commands

ssh -T user@remote-server.com

Copy a file via SSH (scp)

scp file.txt user@remote-server.com:/remote/path/

Copy a directory recursively via SSH

scp -r /local/dir user@remote-server.com:/remote/path/

Sync files efficiently via rsync

rsync -avz -e ssh /local/dir user@remote-server.com:/remote/path/

πŸ”₯ Troubleshooting SSH

Check SSH logs on the server

journalctl -u sshd --no-pager | tail -n 50

Restart the SSH service (Linux)

sudo systemctl restart sshd

Fix "Permissions are too open" error on SSH keys

chmod 600 ~/.ssh/id_rsa
chmod 644 ~/.ssh/id_rsa.pub

Fix "Host key verification failed"

ssh-keygen -R remote-server.com
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment