Bash Remote Connect (ssh)
Securely connect to remote servers and computers
🔐 What is SSH?
SSH (Secure Shell) is a network protocol for secure remote login and command execution. It encrypts all data between your computer and the remote server, protecting passwords and sensitive information. Essential for server administration and remote work.
# Basic SSH connection
ssh [email protected]
Common SSH Commands
Execute Command
Run command remotely
ssh user@server "ls -la"🔹 Basic SSH Connection
To establish a secure shell session on a remote server, use the basic command ssh username@hostname_or_ip. SSH will prompt for the user's password (unless key-based authentication is configured). Once authenticated, you are presented with an interactive command-line shell on the remote machine, allowing you to execute commands, manage files, and administer the system as if you were physically present. This encrypted tunnel is the foundation for secure remote administration, file transfers (via SCP/SFTP), and tunneling other network services.
# Connect with username and hostname
ssh [email protected]
# Connect with IP address
ssh [email protected]
# Connect and specify user
ssh -l username server.com🔹 SSH with Custom Port
If the remote SSH daemon is listening on a port other than the default 22, specify it with the -p PORT option (lowercase p). For instance, ssh -p 2222 [email protected]. Using a non-standard port is a simple but effective security hardening measure to reduce the noise from automated scanning bots that typically target port 22. It's a common practice in production environments, cloud servers, and for any internet-facing SSH service. Remembering the correct port is essential, as connection attempts to the default port will fail.
# Connect to custom port
ssh -p 2222 [email protected]
# Connect to port 8022
ssh -p 8022 [email protected]🔹 SSH Key Authentication
SSH key authentication is more secure and convenient than passwords, using a public/private cryptographic key pair. First, generate a key pair locally with ssh-keygen. Then, copy the public key to the server using ssh-copy-id user@host. Once configured, you can connect without a password. To use a specific private key file (e.g., for different servers), use the -i /path/to/key option: ssh -i ~/.ssh/id_rsa_aws user@host. This method is essential for automation, scripts, and is the standard for accessing cloud infrastructure like AWS, GCP, and Azure.
# Generate SSH key pair
ssh-keygen -t rsa -b 4096
# Copy public key to server
ssh-copy-id [email protected]
# Connect using specific key
ssh -i ~/.ssh/id_rsa [email protected]
# Connect with PEM key (AWS, etc.)
ssh -i mykey.pem [email protected]🔹 Execute Remote Commands
SSH can execute a single command on a remote host without starting an interactive shell session by appending the command to the connection string. For example: ssh user@host 'ls -la /tmp'. The command runs on the remote server, its output is displayed locally, and then the connection closes automatically. This is incredibly powerful for scripting and automation—imagine running backup scripts, checking disk space, restarting services, or deploying code across multiple servers from a central location. It turns SSH into a remote procedure call (RPC) mechanism.
# Run single command
ssh [email protected] "ls -la /var/www"
# Check disk space remotely
ssh [email protected] "df -h"
# Multiple commands with semicolon
ssh [email protected] "cd /var/log; tail -n 20 syslog"🔹 SSH Port Forwarding
SSH port forwarding (tunneling) creates secure encrypted pathways for other network traffic through your SSH connection. Local Forwarding (-L): ssh -L 8080:localhost:80 user@gateway makes the remote server's port 80 accessible on your local machine as localhost:8080. Remote Forwarding (-R): ssh -R 9000:localhost:3000 user@server makes your local machine's port 3000 accessible on the remote server as localhost:9000. This is invaluable for securely accessing databases, web UIs, or internal services that are not publicly exposed.
# Local port forwarding
# Access remote MySQL on local port 3307
ssh -L 3307:localhost:3306 [email protected]
# Remote port forwarding
# Make local port 8080 accessible from remote
ssh -R 8080:localhost:80 [email protected]🔹 SSH Config File
Simplify and streamline SSH connections by defining hosts in the ~/.ssh/config file. You can create shortcuts (aliases) and pre-set options for frequently accessed servers. For example, a config entry for "mywebserver" can define the HostName, User, Port, and IdentityFile (private key). Once saved, you connect simply with ssh mywebserver, eliminating the need to remember or type out long command-line parameters. This not only saves time but also reduces errors, standardizes connection settings across team members, and makes managing access to dozens of servers manageable.
# Create/edit SSH config
nano ~/.ssh/config
# Add this configuration:
Host myserver
HostName example.com
User john
Port 2222
IdentityFile ~/.ssh/id_rsa
# Now connect simply with:
ssh myserver🔹 SSH Session Management
SSH session management commands help maintain and control remote connections efficiently. Use the -o ServerAliveInterval parameter to send periodic keepalive packets, which prevent premature disconnections due to network idle timeouts. The -N option establishes a tunnel without executing a remote command—ideal for secure port forwarding scenarios. Meanwhile, -f backgrounds the SSH process after authentication, freeing your terminal. Combining these flags ensures reliable, long-lived SSH sessions for administrative tasks, secure file transfers, and remote system management in enterprise or development environments.
# Keep connection alive (send packet every 60 seconds)
ssh -o ServerAliveInterval=60 [email protected]
# Background SSH tunnel
ssh -f -N -L 8080:localhost:80 [email protected]
# Verbose output for debugging
ssh -v [email protected]