Secure Shell Protocol (SSH)
The Secure Shell Protocol is a cryptographic network protocol for operating network services securely over an unsecured network.
We can ssh from the terminal by running, for example
To copy files, use
scp <source> <destination>
SUPER USEFUL, LEARNED FROM ASHWIN at NVIDIA
Instead of having to write the password every time you SSH, or having to manually copy paste, you can do
Then, later, you can just
BE CAREFUL, this breaks for an existing file if the time does not align properly.
sshpass to include the password into it.
sshpass -p 'f1tenthUW!' scp /Users/stevengong/Projects/f1tenth_ws/nodes/pure_pursuit/src/pure_pursuit_node.cpp firstname.lastname@example.org:f1tenth_ws/src/pure_pursuit/src/pure_pursuit_node.cpp
# from local to remote scp ./e7_floor5_clean.pgm email@example.com:f1tenth_ws/src scp /Users/stevengong/Projects/f1tenth_ws/nodes/pure_pursuit/src/pure_pursuit_node.cpp firstname.lastname@example.org:f1tenth_ws/src/pure_pursuit/src/pure_pursuit_node.cpp scp -r ./video_frames email@example.com:/home/s36gong/Musashi-AI # From remote to local scp firstname.lastname@example.org:f1tenth_ws/<remote_file> . # For directories, it is the same syntax but add the -r flag scp -r /path/to/directory user@machine_b_ipaddress:/path/to/destination scp -r user@machine_a_ipaddress:/path/to/directory /path/to/destination
scp email@example.com:f1tenth_ws/rrt.rviz .
SSH Command options
Some of the most important command-line options for the OpenSSH client are:
-1Use protocol version 1 only.
-2Use protocol version 2 only.
-4Use IPv4 addresses only.
-6Use IPv6 addresses only.
sshcommand to run in the background
-Ndo not to execute a remote command.
- -C Use data compression
- -c cipher_spec Selects the cipher specification for encrypting the session.
**[bind_address:]**port Dynamic application-level port forwarding. This allocates a socket to listen to port on the local side. When a connection is made to this port, the connection is forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine.
- -E log_file Append debug logs to log_file instead of standard error.
- -F configfile Specifies a per-user configuration file. The default for the per-user configuration file is ~/.ssh/config.
- -g Allows remote hosts to connect to local forwarded ports.
- -i identity_file A file from which the identity key (private key) for public key authentication is read.
[:port]Connect to the target host through Jump Host
-l login_nameSpecifies the user to log in as on the remote machine.
-p portPort to connect to on the remote host.
-xto enable / disable X11 forwarding.
Different SSH Keys
When it comes down to it, the choice is between RSA 2048/4096 and Ed25519 and the trade-off is between performance and compatibility.
RSA is universally supported among SSH clients while EdDSA performs much faster and provides the same level of security with significantly smaller keys.