SSH: Essential Tips and Tricks
Introduction
Secure Shell (SSH) is a powerful tool that allows you to securely access and control remote computers. Whether you’re a system administrator managing servers or a developer pushing code to a Git repository, knowing your way around SSH can significantly boost your productivity. In this blog post, I’ll share a collection of SSH tips and tricks that I’ve found particularly helpful in my work. Whether you’re new to SSH or have been using it for a while, you’re likely to find something of value here.
Choosing an SSH Client
The default SSH client for both macOS and Linux systems is the Terminal application. However, for Windows users, alternatives such as PuTTY, Bitvise SSH Client, and MobaXterm are available. These offer a range of features suited to different user preferences and needs. Here’s how you can use these tools:
-
Terminal (Mac and Linux): Connect to a host by typing
ssh username@host
in the terminal. Replaceusername
with your username andhost
with the IP address of the server you wish to connect to. -
SSH Clients for Windows: You can find a detailed comparison of SSH clients for Windows in this blog. For a simple start, you can use PuTTY or MobaXterm to access servers and use FileZilla for sending and receiving files. Note that the terminal in Visual Studio Code is another great option.
SSH tricks
Here are some SSH tricks that can make your work with remote servers easier and more efficient:
- Copy ID to Remote Server: It’s more secure and convenient to authenticate with a public key rather than a password. Generate a new key pair using
ssh-keygen
, and copy the public key to the remote server withssh-copy-id user@remote
. - Run a Command Over SSH: You can run a command on a remote server without logging into it. The basic syntax is
ssh user@remote "command"
. - Tunnel Other Applications: SSH can provide an authenticated and encrypted connection to remote devices for other applications. For instance, you can establish an HTTP-over-SSH tunnel to a directory named images with a command like this:
$ ssh -L 11000:localhost:80 -N -f -l user01@server01
Then, start a web browser and connect to
http://localhost:11000/images
.
Here’s an explanation of the options in the command above:
-
-L
: Forward the port to the destination device. In this case, it’s a direct mapping of 5901 to 5901 (the default VNC port number). -
-N
: Only forward ports and do not execute commands. -
-f
: Put SSH in the background after the connection is established (freeing the command prompt). -
-l
: This option specifies the remote SSH user and destination server.
Creating an SSH tunnel for a Jupyter Notebook
If you’re doing data science or machine learning work, you might find yourself needing to access a Jupyter Notebook on a remote server. Here’s how you can set up an SSH tunnel to securely access a remote Jupyter Notebook:
- First, ensure that you have SSH access to the remote server and that the Jupyter Notebook server is running on it. You can start the Jupyter Notebook server on the remote machine by running:
jupyter notebook --no-browser --port=<remote_port>
Replace
<remote_port>
with an available port number on the remote server (e.g.,8888
). - On your local machine, create an SSH tunnel with local port forwarding by running:
ssh -L <local_port>:localhost:<remote_port> <user>@<remote_server>
Replace
<local_post>
with an available port number on your local machine (e.g.,8889
),<remote_port>
with the port number you used in step 1,<user>
with your username on the remote server, and<remote_server>
with the remote server’s IP address of hostname.
For example:
ssh -L 8889:localhost:8888 user@exmaple.com
This command forwards the local port 8889
to the remote server’s port 8888
.
- Open a web browser on your local machine and enter the following URL:
https://localhost:<local_port>
Replace
<local_port>
with the local port number you userd in step 2 (e.g.,8889
). - When prompted, enter the Jupyter Notebook token or password. You can find the token in the console output of the Jupyter Notebook server on the remote machine
Using VSCode with an SSH Tunnel
Visual Studio Code (VS Code) is a popular code editor that supports remote development via SSH. Here’s how you can set up an SSH tunnel and use the Remote - SSH extension in VS Code:
- Install the Remote - SSH extension from the VSCode extension marketplace
- Set up the SSH tunnel to forward connections from your local machine to the remote server. You can do this by executing the following command in your terminal:
ssh -L 5901:localhost:5901 -N -f -l user01@server01
This command creates a secure tunnel where
8888
is the port number used by the Jupyter notebook - Once the SSH tunnel is set up, you can connect to the remote server from VSCode. Click on the green bottom-left corner button (or use the command palette
Ctrl+Shift+P
>Remote-SSH: Connect to Host...
), then selectAdd New SSH Host...
and input your ssh commanduser01@server01
. - Open the remote server in a new window. VSCode will install its server on the remote machine and connect to it.
- Now, on the remote machine, start the Jupyter notebook by typing
jupyter notebook --no-browser --port=8888
in the terminal. The--no-browser
option prevents the opening of a web browser on the remote server and--port=8888
specifies the port to use for this notebook. - In your local VSCode, you can open a new browser or a new tab and go to
localhost:8888
. You should be able to see the Jupyter notebook running. - If a token is required, go back to your terminal where you launched the Jupyter notebook. You should see a line that contains token=
. Copy the token and paste it into your browser.
Replace user01@server01
and 8888
with your actual username, server address, and the port you want to use for the notebook.