ssh(1)
OpenSSH remote login client for securely connecting to remote systems over the network.
Synopsis
ssh [OPTIONS] [USER@]HOSTNAME [COMMAND]Description
ssh (Secure Shell) is a cryptographic network protocol and client for logging into and executing commands on remote machines. It provides secure encrypted communication over an insecure network, replacing older insecure protocols like telnet and rsh.
When invoked without a command, ssh opens an interactive shell session on the remote host. With a command specified, it executes that command on the remote system and returns the output. Authentication is performed using password, public key, or other methods configured on the server.
Common options
| Flag | What it does |
|---|---|
-i FILE | use identity file (private key) for authentication instead of default keys |
-u USER | specify remote username (alternative to user@host syntax) |
-p PORT | specify SSH port on remote host (default 22) |
-v | verbose mode; print debugging information (use -vv or -vvv for more detail) |
-X | enable X11 forwarding for graphical applications |
-L LOCAL_PORT:HOST:REMOTE_PORT | set up local port forwarding tunnel |
-R REMOTE_PORT:HOST:LOCAL_PORT | set up remote port forwarding tunnel |
-N | do not execute remote command (useful for port forwarding only) |
-f | go to background after authentication (use with -N for tunnels) |
-o OPTION=VALUE | pass configuration options (e.g., -o StrictHostKeyChecking=no) |
-C | enable compression of data stream |
-t | force pseudo-terminal allocation (useful for interactive commands) |
Examples
Connect to example.com as user and open an interactive shell
ssh [email protected]Connect using a specific private key file for authentication
ssh -i ~/.ssh/id_rsa [email protected]Connect to a server running SSH on non-standard port 2222
ssh -p 2222 [email protected]Execute a remote command and return output without opening a shell
ssh [email protected] 'ls -la /var/www'Forward local port 8080 to remote port 3000; -N keeps connection open without shell
ssh -L 8080:localhost:3000 [email protected] -NConnect with X11 forwarding enabled for running graphical applications
ssh -X [email protected]Connect with verbose output to debug connection issues
ssh -v [email protected]Execute a remote command requiring elevated privileges
ssh [email protected] 'sudo systemctl restart nginx'