Guide

Concepts and learning path

Troubleshooting

Failure modes and fixes

Cheatsheet

Commands to keep handy

SSH cheatsheet

Connecting

CommandDescription
ssh user@hostInteractive login
ssh -p 2222 user@hostConnect on custom port
ssh -i ~/.ssh/deploy_key user@hostUse specific private key
ssh user@host 'uptime'Run remote command
ssh -J bastion user@internalJump through bastion (ProxyJump)
ssh -L 8080:localhost:80 user@hostLocal port forward
ssh -R 9000:localhost:3000 user@hostRemote port forward

Keys

CommandDescription
ssh-keygen -t ed25519 -C "you@host"Generate Ed25519 key pair
ssh-copy-id -i ~/.ssh/id_ed25519.pub user@hostInstall public key on server
ssh-keygen -lf ~/.ssh/id_ed25519.pubShow key fingerprint
ssh-add ~/.ssh/id_ed25519Add key to ssh-agent
ssh-add -lList loaded agent keys

File transfer

CommandDescription
scp file user@host:/path/Copy file to remote
scp -r dir/ user@host:/path/Copy directory recursively
scp -P 2222 file user@host:scp with custom port
sftp user@hostInteractive SFTP session
rsync -avz -e ssh src/ user@host:dest/Sync over SSH

Server management

CommandDescription
systemctl status sshSSH service status (Debian/Ubuntu)
systemctl status sshdSSH service status (RHEL/CentOS)
sshd -tTest sshd_config syntax
ss -tlnp | grep :22Confirm sshd is listening
journalctl -u ssh -n 50Recent SSH logs (systemd)

Debugging

CommandDescription
ssh -v user@hostVerbose connection debug
ssh -vvv user@hostMaximum verbosity
ssh-keygen -R hostRemove stale known_hosts entry
grep sshd /var/log/auth.logAuth log (Debian/Ubuntu)
grep sshd /var/log/secureAuth log (RHEL/CentOS)

Example ~/.ssh/config

Host bastion HostName jump.example.com User deploy IdentityFile ~/.ssh/deploy_ed25519 Host app-* User ubuntu ProxyJump bastion IdentityFile ~/.ssh/deploy_ed25519

Pro tips

Practice scenarios

Hands-on SSH scenarios on live Linux VMs: ssh