Scribd
Upload
112 views1 page

SSH Cheat Sheet

This cheat sheet provides concise summaries of common SSH commands and how to securely configure SSH connections. It outlines how to connect to servers, use SSH keys for authentication, run scripts remotely, copy files securely between local and remote machines using SCP, and configure the SSH service and daemon settings like the port, login methods, and logging level. The full article provides more details on cybersecurity topics and can be found on the provided URL.

Uploaded by

Jeevan Mallik S
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
Download as pdf or txt
112 views1 page

SSH Cheat Sheet

This cheat sheet provides concise summaries of common SSH commands and how to securely configure SSH connections. It outlines how to connect to servers, use SSH keys for authentication, run scripts remotely, copy files securely between local and remote machines using SCP, and configure the SSH service and daemon settings like the port, login methods, and logging level. The full article provides more details on cybersecurity topics and can be found on the provided URL.

Uploaded by

Jeevan Mallik S
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
Download as pdf or txt
Download as pdf or txt
You are on page 1/ 1

CHEAT SHEET

SSH - common commands and secure config

SSH connections SSH keys


connects to a server (default port 22) generates a new ssh key
$ ssh user@server $ ssh-keygen -t rsa -b 4096

uses a specific port declared in sshd_config sends the key to the server
$ ssh user@server -p other_port $ ssh-copy-id user@server

runs a script on a remote server converts ids_rsa into ppk


$ ssh user@server script_to_run $ puttygen current_key -o keyname.ppk

compresses and downloads from a remote server


$ ssh user@server "tar cvzf - ~/source" > output.tgz SSH config
specifies other ssh key for connection opens config file (usual location)
$ ssh -i ~/.ssh/specific_ssh_fkey $ sudo nano /etc/ssh/sshd_config

changes default SSH port (22)


SSH service Port 9809

starts ssh service disables root login


$ (sudo) service ssh start PermitRootLogin no

checks ssh service status restricts access to specifucusers


$ (sudo) service ssh status AllowUsers user1, user2

stops ssh service enables login through ssh key


$ (sudo) service ssh stop PubkeyAuthentication yes

restarts ssh service disables login through password


$ (sudo) service ssh restart PasswordAuthentication no

disables usage of files .rhosts and .shosts


SCP (Secure Copy) IgnoreRhosts yes
copies a file from a remote server to a local machine
disables a less secure type of login
$ scp user@server:/directory/file.ext local_destination/
HostbasedAuthentication no
copies a file between two servers
number of unauthenticated connections
$ scp user@server:/dir/file.ext user@server:/dir
before dropping
MaxStartups 10:30:100
copies a file from a local machine to a remote server
$ scp local_destination/file.ext user@server:/directory
no. of failed tries before the servers stops
accepting new tries
uses a specific port declared for SHH in sshd_config
MaxAuthTries 3
$ scp -P port
max current ssh sessions
coppies recursive a whole folder
MaxSessions 1
$ scp -r user@server:/directory local_destination/
disables interactive password authentication
copies all files from a folder
ChallengeResponseAuthentication no
$ scp user@server:/directory/* local_destination/
no empty password allowed
copies all files from a server folder to the current folder
PermitEmptyPasswords no
$ scp user@server:/directory/* .
disables Rhost authtentication
compresses data on network using gzip
RhostsAuthentication no
$ scp -C
disables port forwarding (blocks i.e MySQL Workbench)
prints verbose info about the current transfer
AllowTcpForwarding no
$ scp -v
X11Forwarding no

Full articles about cyber security at prints much more info about SSH connections
https://blowstack.com/blog/cyber-security LogLevel VERBOSE

Author: Piotr Golon, piotr.golon@blowstack.com, https://blowstack.com

You might also like