ssh Command in Linux with Examples

SSH, or Secure Shell, is a cryptographic network protocol that allows users to access one computer from another over an insecure network securely. It’s a powerful tool that has become an essential part of the toolkit for system administrators, developers, and IT professionals.

Before diving into the intricacies of the SSH command, it’s crucial to understand its significance and the various scenarios in which it’s employed.

What Is the SSH Command?

SSH is not just a command; it’s a protocol that ensures secure remote login and other secure network services over an insecure network. The ssh command in Linux is the client-side command-line tool that allows users to initiate a secure connection to a remote server that runs the SSH server.

Why Use the SSH Command?

  1. Security: SSH encrypts data, ensuring that sensitive information is not exposed to potential eavesdroppers.
  2. Flexibility: SSH can be used for various tasks, including remote command execution, secure file transfer, and tunneling applications.
  3. Authentication: SSH supports multiple forms of authentication, including password-based, public key, and multi-factor authentication.

Understanding SSH Command Syntax

The basic syntax of the SSH command is:

ssh [options] [user@]hostname


  • options: These are the flags or parameters that modify the behavior of the SSH command.
  • user: The remote system username.
  • hostname: The name or IP address of the remote server.

Different Options of the SSH Command

SSH Command Without Any Options

By default, when you use the SSH command without any options, it tries to connect to the remote server using the current user’s username.


This command will attempt to connect to using the username of the user executing the command.

SSH Command With Options

There are numerous options available with the SSH command. Here are some of the most commonly used ones:

  • -p: Specifies the port on the remote host.
  • -i: Specifies the identity file (private key) for key-based authentication.
  • -X: Enables X11 forwarding.
  • -L and -R: Used for port forwarding.

Understanding Remote Command Execution with SSH

The SSH command isn’t just for logging into remote servers. One of its powerful features is the ability to execute commands on a remote server without initiating a full login session. This can be incredibly useful for automating tasks or quickly checking on something without needing to access the full remote environment.

Example 1: Executing a Command on a Remote Server


SSH allows you to execute a single command on a remote server by appending the command to the SSH command itself.

ssh 'ls -l'


  • ssh: The command to initiate a secure shell connection.
  • Specifies the user and the remote server you want to connect to.
  • 'ls -l': The command enclosed in single quotes is the one you want to execute on the remote server. In this case, it lists the files in long format.

Example 2: Running Multiple Commands


You can string multiple commands together using a semicolon to execute them sequentially on the remote server.

ssh 'cd /var/www; git pull'


  • cd /var/www: This command changes the directory to /var/www on the remote server.
  • git pull: After changing the directory, this command pulls the latest changes from a Git repository located in /var/www.

Example 3: Using SSH with a Specific Private Key


For added security, SSH allows key-based authentication. This example demonstrates how to specify a particular private key when connecting.

ssh -i /path/to/private_key.pem


  • -i /path/to/private_key.pem: This option specifies the path to the private key used for authentication.
  • The user and server to which you’re connecting.

Example 4: Enabling X11 Forwarding


If you need to run graphical applications remotely, SSH provides X11 forwarding to render the GUI locally.

ssh -X


  • -X: This option enables X11 forwarding, allowing you to run graphical applications on the remote server and display them on your local machine.

Example 5: Local Port Forwarding


SSH can tunnel traffic from a local port to a port on the remote server, effectively forwarding it.

ssh -L 8080:localhost:80


  • -L 8080:localhost:80: This option sets up forwarding from the local machine’s port 8080 to the remote server’s port 80.

Example 6: Remote Port Forwarding


Conversely, you can forward traffic from a remote port to a local port.

ssh -R 8080:localhost:80


  • -R 8080:localhost:80: This option forwards the remote server’s port 8080 to the local machine’s port 80.

Example 7: Using SSH in Verbose Mode


If you’re troubleshooting or just curious about the behind-the-scenes of your SSH connection, verbose mode provides detailed information about the connection process.

ssh -v


  • -v: This option enables verbose mode, which provides a detailed account of the SSH connection process, helping in debugging.

Example 8: Specifying a Different Port


By default, SSH uses port 22. However, for security or other reasons, the remote server might be configured to listen on a different port. You can specify the port using the -p option.

ssh -p 2222


  • -p 2222: This option tells SSH to connect to port 2222 on the remote server.

Example 9: Using SSH with a Configuration File


SSH can utilize a configuration file to streamline connections and specify default options.

ssh -F /path/to/config_file


  • -F /path/to/config_file: This option specifies a custom configuration file for SSH, allowing you to set default options for your SSH connections.

Example 10: Using SSH to Transfer Files


While scp is the dedicated command for file transfer over SSH, you can also use SSH to transfer files in a pinch.

cat localfile.txt | ssh 'cat > remotefile.txt'


  • cat localfile.txt: This command reads the content of localfile.txt on your local machine.
  • ssh 'cat > remotefile.txt': This command writes the content read from the local file to remotefile.txt on the remote server.

Advanced SSH Command Examples

Advanced Example 1: Creating a SOCKS Proxy


SSH can be used to set up a SOCKS proxy, allowing you to route your internet traffic through the remote server.

ssh -D 8080


  • -D 8080: This option sets up a SOCKS proxy on port 8080. When configured in your browser or system settings, this allows you to route your internet traffic through the remote server.

Advanced Example 2: Using SSH Agent Forwarding


If you’re hopping between multiple servers, SSH agent forwarding can be a lifesaver. It allows the remote server to use your local SSH keys without having to store them on the remote server.

ssh -A


  • -A: This option enables agent forwarding, allowing the remote server to use your local SSH keys for further SSH connections.

Advanced Example 3: Tunneling a Specific Application


You can use SSH to tunnel specific applications, ensuring their traffic is securely routed through the remote server.

ssh -L 8080:localhost:80 -N -f -L 3306:localhost:3306


  • -L 8080:localhost:80: This option forwards the local machine’s port 8080 to the remote server’s port 80.
  • -N: Tells SSH that no command will be sent once the tunnel is up.
  • -f: Sends SSH to the background, so it doesn’t occupy your terminal.
  • -L 3306:localhost:3306: This option forwards the local machine’s port 3306 (commonly used for databases) to the remote server’s port 3306.

Advanced Example 4: Using SSH with a Jump Host


In environments with strict security measures, you might need to connect to a target server through another server, commonly referred to as a “jump host” or “bastion host”. SSH provides a seamless way to achieve this.

ssh -J


  • -J This option specifies the jump host to use as the intermediate connection point.
  • This is the final destination or target server you want to connect to. The SSH connection will first connect to the jump host and then, from there, connect to the target server.

Advanced Example 5: Making an SSH Connection Persistent


Network hiccups or minor disruptions can terminate an SSH session. To prevent frequent disconnections, you can configure SSH to send keepalive packets at regular intervals.

ssh -o ServerAliveInterval=60


  • -o ServerAliveInterval=60: This option configures SSH to send a keepalive packet every 60 seconds. If the connection gets disrupted, these packets help in keeping the connection alive or detecting a lost connection faster.

Advanced Example 6: Restricting SSH Session Activities


For security reasons, you might want to restrict what a user can do during an SSH session. This can be achieved using a command restriction in the authorized keys file, but here’s how it looks when initiating a connection:

ssh 'command_to_run' 


  • command_to_run: This is the only command that will be allowed to run during this SSH session. Any other command attempts will be denied.

Advanced Example 7: Using SSH with Compression


If you’re transferring large amounts of data over SSH, enabling compression can speed up the transfer.

ssh -C


  • -C: This option enables compression of the data, which can be particularly useful when transferring large files or data sets.

Advanced Example 8: Disconnecting After Executing a Command


You can configure SSH to disconnect automatically after executing a specific command.

ssh 'command_to_run' -f


  • command_to_run: The command you want to execute on the remote server.
  • -f: This option tells SSH to go to the background just before the command execution, effectively disconnecting the session after the command runs.

Advanced Example 9: Limiting Connection Time


For tasks that shouldn’t take too long, you can set a timeout for an SSH connection.

ssh -o ConnectTimeout=10


  • -o ConnectTimeout=10: This option sets a connection timeout of 10 seconds. If the connection isn’t established within this time frame, SSH will terminate the attempt.

Advanced Example 10: Using a Different Encryption Cipher


SSH supports multiple encryption ciphers. If needed, you can specify a different cipher for your connection.

ssh -c


  • -c This option specifies the encryption cipher to be used for the session. In this case, the AES256 GCM cipher is chosen.


The SSH command in Linux is a versatile and powerful tool, offering a plethora of options to cater to various scenarios and requirements. Whether you’re a system administrator, developer, or IT professional, mastering SSH can significantly enhance your productivity and the security of your operations. Always remember to use SSH responsibly, keeping security best practices in mind.

Leave a Comment

Your Mastodon Instance
Share to...