Tricks with SSH
Almost all developers have some sort of experience working with
Secure Shell or
SSH. It allows you to connect to a remote location and communicate securely. In this article, I’ll share couple of tips that will make working with SSH easier.
The basic way of connecting to a remote server is,
It is not easy to remember a bunch of ip addresses and type those in everytime you want to connect to a remote server. SSH allows you to give alias to each connection configuration including hostname, username, port, etc. This is done with
Add a new file,
~/.ssh/config. For each connection, add this block to the config file we just created.
IdentityFile field is optional, and it contains the path of the private key used for identity. An example of this block is given below.
We can log into this remote server with the command,
If you have copied your key to remote as an authorized key with
ssh-copy-id, you will be connected to the remote server. Even tab completion works for the alias names. Pretty convenient, right?
Local Port Forward
SSH can be used to forward ports from a remote server to local system and vice-versa. Now, we’ll talk only about the former, also called local port forwarding. It is generally used to access blocked websites in a network. You can forward any of your local ports to a blocked site, and access it with the assigned local port.
For instance, you can forward your local port 5000 to YouTube with,
Now, you can access YouTube at localhost:5000.
There are a couple of other use cases for local port forwarding. The main one is to access services for local development. Most database in the network will only allow access to localhost and remote access will be blocked by the firewall. While it’s good for security, it would make the database inaccessible for local development.
We can use local port forwarding to solve this issue. Let’s assume, I’ve a Redis database running in
188.8.131.52:16379. If I have SSH access to this remote server, I can forward the remote port
16379 to any of my local port.
We will go through all the different things in this command. The
-L flag for the SSH command tells that it’s a local port forward command.
The basic format of local port forward is,
Here, the local ip is
0.0.0.0. What it does is that, it listens to all hosts in the network. So, any host in your network can access the Redis database with your ip. The local port is
5866. If your local ip address is
10.18.0.13, then Redis database can be accessed by anybody in your network at
10.18.0.13:5866 and for you, it’s
localhost:5866. If your avoid the
local-ip part, only you can access the database.
remote-ip is that of the service, we need to forward. In the case, we are forwarding the database in
184.108.40.206:16379. Now we need to provide the user and host of the remote SSH login. As discussed above, we can replace this with an alias in SSH config.
There are two more flags in the command and these are very important.
-N flag asks the SSH to NOT execute the remote command. This prevents the remote shell from coming up. ‘-f’ flag makes the SSH to go into the background and excute the command like a daemon. Together, we can the flag
In this article, I’ve shared two SSH techniques that saved me a lot of time and helped me with tricky situations. The first one involves using a config file for SSH and other one involves local port forwarding.