10 basic and most useful ‘ssh’ client commands in Linux
SSH is one of the main key services in Linux/Unix based systems. SSH represents Secure Socket Shell. SSH protocol is used to access the remote server/system with an encrypted method of login by using a default TCP/IP port 22 or a custom based port number. This service is mainly used by System and Network Administrator to execute commands and manage servers/systems. We can also say SSH is the replacement of Telnet, rlogin, and rsh which is completely insecure protocols to connect the system across the network.
This guide will help you how to login to the remote server (let’s say a Web Server) from your local system/host (client PC). All the below examples of ‘ssh’ commands are tested on RHEL/CentOS 7.6. You can use the same guide for all the RHEL / CentOS / Fedora versions, but for other distros, there might be a small type of difference in using it. Therefore, it is highly recommended to read the guidelines.
This guide assumes that you have already some servers at a remote location which is running on Linux (CentOS / RHEL), it could be either a Web server or Mail Server or DNS Server. Our goal is to access the remote server using ‘ssh’ command.
The Global Syntax of the ssh command:
ssh [OPTIONS] [USER@] :HOST
MY Lab:
Webserver:
Operating System : CentOS Linux 7 (core)
Hostname : web.linuxteck.com
IP Address : 192.168.1.100Localhost/system (client pc)
Operating System : CentOS Linux 7 (core)
Hostname : r001.linuxteck.com
IP Address : 192.168.1.200
SSH client : An active ssh client like “ Terminal for Linux/Mac and Putty for Windows”
Note:
Make sure that your client PC requires an openssh-client package in-order to access the SSH server. Use the first command from the following examples to verify the same for Linux Terminal.
1. How to find out the version of your ssh client?
# ssh -V
Output:
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
Note:
The upper case ‘-V’ option not only shows the version number but also confirms that your client PC has already installed the ssh client package.
2. How to access a remote server using the default ssh command?
Note:
The remote server can be accessed by using an “IP address or you can use the hostname also”. For the 1st time when you access the server from your client pc, it will ask the user to verify the fingerprint before selecting the correct answer from the given option “yes/no”. If you are not sure what to do, then check with your hosting provider/system admin or also if you have the access to your server host key, then cross-check and make sure both keys are matched. Then enter “yes” to confirm the connection and you will notice a “Warning message “ that the server has been added list of known hosts and it will prompt for the password to enter, once the password accepts you will get access to the remote server.
# ssh 192.168.1.100 OR # ssh web.linuxteck.com
Note:
The drawback of using the default ssh command in centos 7 will permit the root account directly to have remote access, which is quite dangerous. It means this user account can do anything in the remote system. Hence, it is highly recommended to disable the root login and granting “sudo” privileges.
WARNING:
If there are any changes or mismatch on the host key of the SSH server, then it will be notified to the user, as it cannot proceed until the server’s host key is deleted from ‘/root/.ssh/known_hosts’ as similar to below output.
3. How to verify the fingerprint using ssh command in terminal?
# ssh-keygen -l -f /etc/ssh/ssh_host_ecdsa_key.pub
Output:+
256 SHA256:4YNXabAuI4gYnC7ZIcTRbPlCMapOvrMwW4E/kKACb4s no comment (ECDSA)
Note:
Using the above command you can verify the fingerprint of your SSH server and the following command will verify the MD5 fingerprint key also.
# ssh-keygen -l -f /etc/ssh/ssh_host_ecdsa_key.pub -E md5
Output:
256 MD5:5f:39:21:43:92:6e:7e:f3:17:35:6b:30:85:44:ee:38 no comment (ECDSA)
4. How to specify a particular user to access the remote server?
# ssh -l linuxteck 192.168.1.100 OR ssh linuxteck@192.168.1.100
Output:
linuxteck@192.168.1.100’s password: (Enter password)
Last login: Mon Apr 6 02:44:44 2020 from 192.168.1.100
Note:
You can use either one of the commands ( ‘-l’ option or ‘username@ipaddress’ ) to login to the remote server with a particular user. Both of these commands serve the same output only.
5. How to access a remote server with a customized port number?
# ssh -l linuxteck 192.168.1.100 -p 18765 OR # ssh linuxteck@192.168.1.100 -p 18765
Output:
linuxteck@192.168.1.100’s password: (Enter password)
Last login: Mon Apr 6 02:54:44 2020 from 192.168.1.100
Note:
Using the ‘-p’ option with either one of the above commands can access the remote server using a customized port number. Normally ssh comes with the default port number 22, but in production mostly the port number will be customized due to security reasons.
6. How to execute a command without login into the remote server?
# ssh -l linuxteck 192.168.1.100 uname -r OR # ssh linuxteck@192.168.1.100 uname -r
Output:
linuxteck@192.168.1.100’s password:
3.10.0–862.14.4.el7.x86_64
Note:
The main advantage of using the above command will display the output in the local system itself without login to the server. For example: If you need to check the “Kernel version” of your remote server. Then execute one of the above commands into the client pc and get the output their itself and it will save your timings as well. This is also similar to the normal ssh command but an additional command is added at the end of the usual ssh command.
7. How to execute multi commands without login into your remote server?
# ssh -l linuxteck 192.168.1.100 uname -r; hostname OR # ssh linuxteck@192.168.1.100 uname -r; hostname
Output:
linuxteck@192.168.1.100’s password:
3.10.0–862.14.4.el7.x86_64
web.linuxteck.com
Note:
The only difference between using single and multi command is using a semicolon (;) between the commands. Nothing else.
8. How to transfer a file from your localhost to a remote server?
# scp dmo3c_test.sql linuxteck@192.168.1.100:/home/apps/production/sql/dump
Output:
linuxteck@192.168.1.100’s password:
dmo3c_test.sql 100% 70KB 3.3MB/s 00:00
Note:
Using the above ‘scp’ command we can transfer a file from a local machine to a remote server with an encrypted connection. You can use the ‘-R’ option to transfer an entire directory from local to remote.
9. How to access a remote server using sftp command?
# sftp linuxteck@192.168.1.100
Output:
linuxteck@192.168.1.100’s password:
Connected to 192.168.1.100.
sftp> ls (# ls command is to list the files)
php
share
tandd
sftp> pwd (#pwd command is to check the path of the current working directory)
Remote working directory: /home/apps
sftp>
Note:
Using the above ‘sftp’ command we can access the remote server with a secure encrypted connection. The sftp utility accepts the same commands as the normal FTPs.
10. Some of the most used general ssh commands in linux :
$ cd
change directory:- It is used to change the working directory. It also referred to as “chdir”.
$ cp
copy:- It is used to copy files and directories from one place to another.
$ chmod
change permission:- It is used to change the read, write, execution permission of a file or directory.
$ chown
change owner:- It is used to change the ownership of a file or directory
$ grep
search patter of a file:- It is used to search given file pattern by specific users
$ wc
word count:- It is mainly used for counting, either words, character, lines.
$ mkdir
create directory: It is used to create a directory
$ rm
delete file:- It is used to delete files and directories
$ touch
Timestamps: It is used for timestamps of a file like “create, update, modify”.Also, it can be used to create an empty file.
$ more
It is used to view the contents of a text file one full screen at a time, Using the spacebar key to help move to the next page.
$ yum
Package management tool:- It is used to install / update / erase rpm packages
$ wget
It is used to download files from the internet.
$ sudo
Superuser do:- It is used to give extra privileges to users (eg: execute system commands, reboot, etc).
$ su
Switch user:- It is used to switch from one user account to another.
$ vi
It is used to edit any kind of Unix files. In Unix ‘vi’ editor is a standard text editor.
$ vim
Vi Improved text editor. It is also used to edit any kind of Linux files.
$ ls
It is used to list all the files and directories. To know more about ‘ls’ command with various options click here
$ cat
It used to concatenate and display files. To know more about ‘cat’ command with various options click here
$ du
Disk usage:- It is used to estimate the filespace usage. To know more about ‘df’ command with various options click here
$ df
Disk free: It is used to estimate the server/storage disk space. To know more about ‘du’ command with various options click here
$ find
It used to search all the files and directories. To know more about find command with various options click here
$ cron
It is used to schedule the repetitive job/task on a regular interval. To know more about cron command with various options click here
$ curl
It is used to transfer the files with URLs between remote to the local system. To know more about curl command with various options click here
$ ps
It is used to monitor all the currently running activities like USER, PID, %CPU, etc, etc. To know more about ps command with various options click here
Note:
All of the above-mentioned commands are commonly used in Linux directly or via ssh. This sample list may help for the beginners. You can use more and more commands in SSH, it’s all based on your user privilege.
Thank you for taking the time to read! I hope this article will help you to understand ‘ssh’ client command with examples. Drop me your feedback/comments. If you like this article, kindly share it and it may help others as well.
Few ssh reference are collected from this site
Thank you!
Originally published at https://www.linuxteck.com on April 6, 2020.
