SSH is very useful for connecting to remote Linux machines. Here are some useful tips for working with an SSH connection and getting information about it.
To check that host keys exist on a Linux machine and print their fingerprints as SSHFP DNS records, run ssh-keygen -r followed by the hostname the records should carry.
    ┌──(john㉿DESKTOP-PF01IEE)-[/mnt/c/Users/Intel i5/Desktop]
    └─$ ssh-keygen -r 192.168.1.3
    192.168.1.3 IN SSHFP 1 1 ec9d623f3118e35113b6744ac41a1a6ac34bf855
    192.168.1.3 IN SSHFP 1 2 7bf8f798ee8af14dea2d72d288bf318fab30ed6dffb58d6dcae5b78f5fe2fdfd
    192.168.1.3 IN SSHFP 3 1 4c200b7eb2ce0dcc92b04e752d7ebdd5f35ef97f
    192.168.1.3 IN SSHFP 3 2 c8476e437fffc2095b3c174ec2d3584682d53234115966d3ed5d918856c49478
    192.168.1.3 IN SSHFP 4 1 6a2c04ba217f6a623f222780fa92ea5c3e20f830
    192.168.1.3 IN SSHFP 4 2 91e2bdefb9c52c54df958b53ae980a1c15826d26f5e81cf34c856fab90a6bad3
To delete a host's SSH keys from your known_hosts file, use the -R parameter.
    ┌──(john㉿DESKTOP-PF01IEE)-[~]
    └─$ ssh-keygen -R 192.168.1.3
    # Host 192.168.1.3 found: line 1
    # Host 192.168.1.3 found: line 2
    # Host 192.168.1.3 found: line 3
    /home/john/.ssh/known_hosts updated.
    Original contents retained as /home/john/.ssh/known_hosts.old
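This saves the previous SSH host keys in a backup file, known_hosts.old, in case they are needed later.
Because the keys have been removed, ssh will ask you to confirm the host key again the next time you connect. Compare the fingerprint it shows with one obtained from the server itself before answering yes.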
    ┌──(john㉿DESKTOP-PF01IEE)-[~]
    └─$ ssh -X jason@192.168.1.3
    The authenticity of host '192.168.1.3 (192.168.1.3)' can't be established.
    ED25519 key fingerprint is SHA256:LwQeGXXSqBviREKL2VaRXzysKiB41YbRftIxnjkoSbA.
    This host key is known by the following other names/addresses:
        ~/.ssh/known_hosts:1: [hashed name]
    Are you sure you want to continue connecting (yes/no/[fingerprint])?
To view the public SSH host keys of a remote Linux machine, use ssh-keyscan.
    ┌──(john㉿DESKTOP-PF01IEE)-[~]
    └─$ ssh-keyscan 192.168.1.3
    # 192.168.1.3:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
    192.168.1.3 ssh-rsa …
    # 192.168.1.3:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
    192.168.1.3 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAjcgSUegn0If45mNLIzx5kyc0mdbLzhORNP+QprFY0W
    # 192.168.1.3:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
    # 192.168.1.3:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
    192.168.1.3 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZNu3uMPmribeHhbzMTsl0gwtWkAS32bxD5MTtmI593HozboYCy0ZXi9iL0vEzmZNc6qqxDHD3GBzZ/QvSV8Ow=
    # 192.168.1.3:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
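An added example, not part of the original post: ssh-keyscan output is not authenticated, so a scanned key is only trustworthy once its fingerprint has been compared with one obtained from a trusted source such as the server's console. This Python code derives the prompt-style SHA256 fingerprint and the SSHFP records from a scanned key line. The function names are hypothetical, and the key line and prompt fingerprint are copied from the outputs above.

```python
import base64
import hashlib
import struct

# Constructed input: banner comment and ed25519 line as in the ssh-keyscan output above.
KEYSCAN_OUTPUT = """\
# 192.168.1.3:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
192.168.1.3 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAjcgSUegn0If45mNLIzx5kyc0mdbLzhORNP+QprFY0W
"""
# Fingerprint as shown in the connection prompt above.
PROMPT_FP = "SHA256:LwQeGXXSqBviREKL2VaRXzysKiB41YbRftIxnjkoSbA"
# SSHFP algorithm numbers per key type (RFC 4255, RFC 6594, RFC 7479).
SSHFP_ALGO = {"ssh-rsa": 1, "ssh-dss": 2, "ecdsa-sha2-nistp256": 3,
              "ecdsa-sha2-nistp384": 3, "ecdsa-sha2-nistp521": 3, "ssh-ed25519": 4}

def parse_keyscan(output):
    """Yield (host, key_type, blob) per key line, skipping '#' banner lines."""
    for line in output.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        host, key_type, b64 = line.split()[:3]
        blob = base64.b64decode(b64, validate=True)
        # The blob begins with a length-prefixed copy of the key type name.
        (n,) = struct.unpack(">I", blob[:4])
        if blob[4:4 + n] != key_type.encode():
            raise ValueError(f"key type mismatch on line for {host}")
        yield host, key_type, blob

def sha256_fingerprint(blob):
    """The form ssh prints at the prompt: unpadded base64 of SHA-256(blob)."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

def sshfp_records(host, key_type, blob):
    """Records in the layout of ssh-keygen -r (fp type 1 = SHA-1, 2 = SHA-256)."""
    algo = SSHFP_ALGO[key_type]
    return [f"{host} IN SSHFP {algo} 1 {hashlib.sha1(blob).hexdigest()}",
            f"{host} IN SSHFP {algo} 2 {hashlib.sha256(blob).hexdigest()}"]

def find_key(output, trusted_fp):
    """Return (host, key_type) of the scanned key matching trusted_fp, else None."""
    for host, key_type, blob in parse_keyscan(output):
        if sha256_fingerprint(blob) == trusted_fp:
            return host, key_type
    return None

if __name__ == "__main__":
    for host, key_type, blob in parse_keyscan(KEYSCAN_OUTPUT):
        print(sha256_fingerprint(blob), *sshfp_records(host, key_type, blob), sep="\n")
    print("prompt fingerprint matches:", find_key(KEYSCAN_OUTPUT, PROMPT_FP))
```

A result of None from find_key means no scanned key has the trusted fingerprint, and the key should not be added to known_hosts.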
While connected to a remote host, press ENTER once on the command line, then type ~# and hit ENTER again to view the currently forwarded SSH connection(s).
    (base) jason@jason-Lenovo-H50-55:~$ ~#
    The following connections are open:
      #0 client-session (t4 r0 i0/0 o0/0 e[write]/4 fd 4/5/6 sock -1 cc -1 io 0x01/0x01)
SSH escape sequences are very useful for getting information about your current connection. Typing ~? lists the supported sequences.
    (base) jason@jason-Lenovo-H50-55:~$ ~?
    Supported escape sequences:
     ~.   - terminate connection (and any multiplexed sessions)
     ~B   - send a BREAK to the remote system
     ~C   - open a command line
     ~R   - request rekey
     ~V/v - decrease/increase verbosity (LogLevel)
     ~^Z  - suspend ssh
     ~#   - list forwarded connections
     ~&   - background ssh (when waiting for connections to terminate)
     ~?   - this message
     ~~   - send the escape character by typing it twice
    (Note that escapes are only recognized immediately after newline.)
The ~C escape sequence opens a command line for SSH, which gives control over the forwards on the current SSH connection.
    (base) jason@jason-Lenovo-H50-55:~$ ssh>
Typing ? at the ssh> prompt lists the available commands.
    (base) jason@jason-Lenovo-H50-55:~$ ssh> ?
    Commands:
          -L[bind_address:]port:host:hostport    Request local forward
          -R[bind_address:]port:host:hostport    Request remote forward
          -D[bind_address:]port                  Request dynamic forward
          -KL[bind_address:]port                 Cancel local forward
          -KR[bind_address:]port                 Cancel remote forward
          -KD[bind_address:]port                 Cancel dynamic forward
Here a sample command is entered at the ssh> prompt to request a dynamic forward on port 9001.
    (base) jason@jason-Lenovo-H50-55:~$ ssh> -D 9001
    Forwarding port.
Another very useful SSH tip: connect just to run a single command and view its output.
    ┌──(john㉿DESKTOP-PF01IEE)-[~]
    └─$ ssh -X jason@192.168.1.3 -P ls /home/jason/Documents/
    jason@192.168.1.3's password:
    Warning: No xauth data; using fake authentication data for X11 forwarding.
    08-02-03.zip 1642131874442.png 1643434357547.png 1651802601655.jpg
    1654140841555.jpg 1658719799030196.webm 20210302_105440.jpg 20210607_154601.jpg
    20220101_084133.jpg 20220123_120418.jpg 20220501090520_1.jpg 20220501154818_1.jpg
    ai1.c ai1.c~ ai.c ballgirl.webm ballreaction.webm Boomsrc GPL.txt install.sh
    ipaudit-0.95 ipaudit-0.95.tgz makefile message.txt nc nc.nasm
    new-title-fancy.webp nohup.out rabid-science.zip readme.txt scotty-tradie.webm
    soap.py telstrawpa-01.cap testing.c test.txt this_is_a_dir_ title3.webp
    title-new-2.webp title-new.webp title-trans.webp title.webp title.xcf
    Untitled.xcf xVST xVST_2_5_1_x64-linux-dynamic.tar.gz