≡ Menu

5 Basic Linux SSH Client Commands

OpenSSH

Let us review the following 5 basic command line usage of the ssh client.

  1. Identify SSH client version
  2. Login to remote host
  3. Transfer Files to/from remote host
  4. Debug SSH client connection
  5. SSH escape character usage: (Toggle SSH session, SSH session statistics etc.)


1. SSH Client Version:

Sometimes it may be necessary to identify the SSH client that you are currently running and it’s corresponding version number, which can be identified as shown below. Please note that Linux comes with OpenSSH.

$ ssh -V
OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003

$ ssh -V
ssh: SSH Secure Shell 3.2.9.1 (non-commercial version) on i686-pc-linux-gnu

2. Login to remote host:

  • The First time when you login to the remotehost from a localhost, it will display the host key not found message and you can give “yes” to continue. The host key of the remote host will be added under .ssh2/hostkeys directory of your home directory, as shown below.
localhost$ ssh -l jsmith remotehost.example.com

Host key not found from database.
Key fingerprint:
xabie-dezbc-manud-bartd-satsy-limit-nexiu-jambl-title-jarde-tuxum
You can get a public key’s fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
Are you sure you want to continue connecting (yes/no)? yes
Host key saved to /home/jsmith/.ssh2/hostkeys/key_22_remotehost.example.com.pub
host key for remotehost.example.com, accepted by jsmith Mon May 26 2008 16:06:50 -0700
jsmith@remotehost.example.com password: 
remotehost.example.com$
  • The Second time when you login to the remote host from the localhost, it will prompt only for the password as the remote host key is already added to the known hosts list of the ssh client.
         localhost$ ssh -l jsmith remotehost.example.com
jsmith@remotehost.example.com password:
remotehost.example.com$
  • For some reason, if the host key of the remote host is changed after you logged in for the first time, you may get a warning message as shown below. This could be because of various reasons such as 1) Sysadmin upgraded/reinstalled the SSH server on the remote host 2) someone is doing malicious activity etc., The best possible action to take before saying “yes” to the message below, is to call your sysadmin and identify why you got the host key changed message and verify whether it is the correct host key or not.
        localhost$ ssh -l jsmith remotehost.example.com
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the host key has just been changed.
Please contact your system administrator.
Add correct host key to "/home/jsmith/.ssh2/hostkeys/key_22_remotehost.example.com.pub"
to get rid of this message. Received server key's fingerprint: xabie-dezbc-manud-bartd-satsy-limit-nexiu-jambl-title-jarde-tuxum You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
Agent forwarding is disabled to avoid attacks by corrupted servers.
Are you sure you want to continue connecting (yes/no)? yes
Do you want to change the host key on disk (yes/no)? yes
Agent forwarding re-enabled.
Host key saved to /home/jsmith/.ssh2/hostkeys/key_22_remotehost.example.com.pub
host key for remotehost.example.com, accepted by jsmith Mon May 26 2008 16:17:31 -0700
jsmith @remotehost.example.com's password:
remotehost$

3. File transfer to/from remote host:

Another common use of ssh client is to copy files from/to remote host using scp.

  • Copy file from the remotehost to the localhost:
        localhost$scp jsmith@remotehost.example.com:/home/jsmith/remotehostfile.txt remotehostfile.txt
  • Copy file from the localhost to the remotehost:
        localhost$scp localhostfile.txt jsmith@remotehost.example.com:/home/jsmith/localhostfile.txt

4. Debug SSH Client:

Sometimes it is necessary to view debug messages to troubleshoot any SSH connection issues. For this purpose, pass -v (lowercase v) option to the ssh as shown below.

  • Example without debug message:
        localhost$ ssh -l jsmith remotehost.example.com
warning: Connecting to remotehost.example.com failed: No address associated to the name
localhost$
  • Example with debug message:
        locaclhost$ ssh -v -l jsmith remotehost.example.com
debug: SshConfig/sshconfig.c:2838/ssh2_parse_config_ext: Metaconfig parsing stopped at line 3.
debug: SshConfig/sshconfig.c:637/ssh_config_set_param_verbose: Setting variable 'VerboseMode' to 'FALSE'.
debug: SshConfig/sshconfig.c:3130/ssh_config_read_file_ext: Read 17 params from config file.
debug: Ssh2/ssh2.c:1707/main: User config file not found, using defaults. (Looked for '/home/jsmith/.ssh2/ssh2_config')
debug: Connecting to remotehost.example.com, port 22... (SOCKS not used)
warning: Connecting to remotehost.example.com failed: No address associated to the name

5. Escape Character: (Toggle SSH session, SSH session statistics etc.)

Escape character ~ get’s SSH clients attention and the character following the ~ determines the escape command.
Toggle SSH Session: When you’ve logged on to the remotehost using ssh from the localhost, you may want to come back to the localhost to perform some activity and go back to remote host again. In this case, you don’t need to disconnect the ssh session to the remote host. Instead follow the steps below.

  • Login to remotehost from localhost: localhost$ssh -l jsmith remotehost
  • Now you are connected to the remotehost: remotehost$
  • To come back to the localhost temporarily, type the escape character ~ and Control-Z. When you type ~ you will not see that immediately on the screen until you press <Control-Z> and press enter. So, on the remotehost in a new line enter the following key strokes for the below to work: ~<Control-Z>
    remotehost$ ~^Z
[1]+ Stopped ssh -l jsmith remotehost
localhost$
  • Now you are back to the localhost and the ssh remotehost client session runs as a typical unix background job, which you can check as shown below:
    localhost$ jobs
[1]+ Stopped ssh -l jsmith remotehost
  • You can go back to the remote host ssh without entering the password again by bringing the background ssh remotehost session job to foreground on the localhost
    localhost$ fg %1
ssh -l jsmith remotehost
remotehost$

SSH Session statistics: To get some useful statistics about the current ssh session, do the following. This works only on SSH2 client.

  • Login to remotehost from localhost: localhost$ssh -l jsmith remotehost
  • On the remotehost, type ssh escape character ~ followed by s as shown below. This will display lot of useful statistics about the current SSH connection.
        remotehost$  [Note: The ~s is not visible on the command line when you type.] 
remote host: remotehost
local host: localhost
remote version: SSH-1.99-OpenSSH_3.9p1
local version: SSH-2.0-3.2.9.1 SSH Secure Shell (non-commercial)
compressed bytes in: 1506
uncompressed bytes in: 1622
compressed bytes out: 4997
uncompressed bytes out: 5118
packets in: 15
packets out: 24
rekeys: 0
Algorithms:
Chosen key exchange algorithm: diffie-hellman-group1-sha1
Chosen host key algorithm: ssh-dss
Common host key algorithms: ssh-dss,ssh-rsa
Algorithms client to server:
Cipher: aes128-cbc
MAC: hmac-sha1
Compression: zlib
Algorithms server to client:
Cipher: aes128-cbc
MAC: hmac-sha1
Compression: zlib
localhost$

 
If you like this post, please bookmark it on del.icio.us or Stumble It.

Add your comment

If you enjoyed this article, you might also like..

  1. 50 Linux Sysadmin Tutorials
  2. 50 Most Frequently Used Linux Commands (With Examples)
  3. Top 25 Best Linux Performance Monitoring and Debugging Tools
  4. Mommy, I found it! – 15 Practical Linux Find Command Examples
  5. Linux 101 Hacks 2nd Edition eBook Linux 101 Hacks Book

Bash 101 Hacks Book Sed and Awk 101 Hacks Book Nagios Core 3 Book Vim 101 Hacks Book

Comments on this entry are closed.

  • NetSpider June 29, 2009, 10:22 am

    ~s not works on FreeBSD ssh-session

  • walvim December 4, 2009, 7:43 pm

    f you are using a system without ssh client then you can use webbased ssh clients (a ssh client on a website) like electrica.
    (Also handy when behind a firewall only allowing http traffic)

  • Satya Prakash January 14, 2011, 7:51 am

    All your tutorials about Linux command so very good.

  • sachin August 11, 2011, 3:47 am

    All your tutorials about Linux command so very good.

  • sacarde August 22, 2012, 9:05 am

    hi,
    I try to exec command: “~s” in ssh session in my archlinux-64
    but seem that there is not a sequence: “s”

    I view only:
    ~. – terminate connection (and any multiplexed sessions)
    ~B – send a BREAK to the remote system
    ~C – open a command line
    ~R – Request rekey (SSH protocol 2 only)
    ~^Z – suspend ssh
    ~# – list forwarded connections
    ~& – background ssh (when waiting for connections to terminate)
    ~? – this message
    ~~ – send the escape character by typing it twice

    thanks

  • Neeraj December 17, 2012, 4:20 am

    Good tutorial,thanx

  • Runcy February 4, 2013, 11:35 am

    Way too nice. Really impressed with this article, although some commands like ~s may not be applicable for OS X.

  • Deepak March 22, 2013, 11:05 am

    Can you create a tutorial on “sevices”

  • Ramesh Pasham May 5, 2013, 12:45 am

    Nicely described Ramesh.

  • Devi August 20, 2013, 8:25 am

    toggle between ssh is not working.. will you please help me in this case..

  • Kumarswamy September 17, 2013, 4:16 am

    thank you for the information but I want to how we can connect to windows machine from Linux machine…………?

  • vinod October 10, 2013, 12:19 am

    good notes to read about SSH briefly

  • Kiran Kumar July 28, 2014, 5:14 am

    Hi Ramesh,

    Could you give the step to connect windows machine from aix machine with examples.

    We require to copy a file from windows machine to aix machine. The file capacity is around 90 mb. So, it’s taking 2 hours to transfer. We are using ftp to transfer that file.

    So, if any other tools are there, just tell how to use that.
    Thanks in advance.

    Regards,
    Kiran

  • nndreza December 14, 2014, 4:09 pm

    No worked on ubuntu 14.04?

  • jesus February 27, 2015, 1:24 pm

    If you want to transfer files with SSH then sftp is great, it has a similar interface to normal ftp (get/put commands). Also Filezilla supports sftp and private key login if you prefer to work with a graphical interface.

  • Habeeb Perwad May 23, 2015, 6:30 am

    If the user don’t have remote machine to connect with, they can connect the to same machine like “ssh username@127.0.0.1” for testing the commands.

    “~s” is not working. I didn’t find such method in “man ssh”.

    [Tested in: Ubuntu 14.04, GNU bash, version 4.3.11, OpenSSH_6.6.1p1 Ubuntu-2ubuntu2, OpenSSL 1.0.1f 6 Jan 2014]

  • ben pope March 23, 2016, 5:32 pm

    Very informative. Did not address my problem but even the git site itself could not either. Windows I have made a ssh key set and need to configure the bashrc file. I believe I found it and made the changes that git recommended (The added code) but it doesn’t ask for me to log in like it says it chould and all ssh cmds do nothing but either

    Ben@ MINGW64 ~/Desktop
    $ ssh
    usage: ssh [-***************************] [-b bind_address] [-c cipher_spec]
    [-D [bind_address:]port] [-E log_file] [-e escape_char]
    [-F configfile] [-I pkcs11] [-i identity_file]
    [-L address] [-l login_name] [-m mac_spec]
    [-O ctl_cmd] [-o option] [-p port]
    [-Q cipher | cipher-auth | mac | kex | key]
    [-R address] [-S ctl_path] [-W host:port]
    [-w local_tun[:remote_tun]] [user@]hostname [command]

    Ben@ MINGW64 ~/Desktop
    $ ssh — l benpope82
    ssh: Could not resolve hostname l: Name or service not known