Master SSH: From Basics to Advanced Port Forwarding and Remote Operations
This article introduces SSH, explains its encryption fundamentals, demonstrates basic usage, remote login, various port forwarding techniques, and remote command execution, while also covering common pitfalls and security considerations, providing step‑by‑step examples and practical commands for Linux environments.
What is SSH?
SSH is a network protocol that provides encrypted login between computers. It was designed in 1995 by Tatu Ylonen to replace plaintext communication, and is now a standard component of Linux systems.
SSH Login Principle
Basic SSH Usage
Typical syntax:
<code>ssh -p 22 user@host</code>
Parameters:
-p: specify port (default 22)
user: login username
host: remote host
If the port is 22 it can be omitted:
<code>ssh user@host</code>
If the local username matches the remote one, the username can also be omitted:
<code>ssh host</code>
SSH Remote Login Example
Two CentOS 6.5 VMs with IPs 192.168.13.135 and 192.168.13.138.
Check if SSH is enabled:
<code>netstat -ntlp | grep ssh</code>
Connect:
<code>ssh -p 22 [email protected]</code>
On first connection you will see a host key fingerprint prompt; type yes to continue, then enter the password.
To exit, type exit.
SSH Port Forwarding
SSH can forward TCP ports, useful when firewalls block direct access but allow SSH.
Parameters:
<code>-C # compress data
-f # go to background after authentication (often with -N)
-N # do not execute remote command
-g # allow remote hosts to connect to forwarded ports
-L # local port forwarding
-D # dynamic port forwarding
-R # remote port forwarding
-T # disable pseudo‑tty allocation
-q # quiet mode</code>
Local Forwarding
Forward a local port to a remote host:
<code>ssh -L 127.0.0.1:3306:127.0.0.1:3306 [email protected]</code>
Short form (local address omitted):
<code>ssh -L 3306:127.0.0.1:3306 [email protected]</code>
If usernames match, the username can be omitted:
<code>ssh -L 3306:127.0.0.1:3306 192.168.13.14</code>
Data flow diagram:
Remote Forwarding
Forward a remote port to the local machine:
<code>ssh -R 127.0.0.1:80:10.18.78.135:80 [email protected]</code>
This makes the remote host listen on its own 127.0.0.1:80 and forward that traffic back through the SSH connection to 10.18.78.135:80, the address specified on the local side.
Dynamic Forwarding
Creates a SOCKS proxy:
<code>ssh -D 1080 user@remotehost</code>
SSH Remote Operations
Execute a command on a remote host:
<code>ssh user@host 'command'</code>
Example: check OS type on host B:
<code>ssh [email protected] 'uname -a'</code>
Copy a directory via a pipe:
<code>tar -cz test | ssh [email protected] 'tar -xz'</code>
Check if a remote port is listening:
<code>ssh [email protected] 'netstat -tln | grep 1080'</code>
SSH Issues
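Man-in-the-middle attacks can occur if an attacker spoofs the host’s public key, because by default SSH host keys are not signed by a certificate authority, so the client has nothing to check a first-seen key against. Users must verify host fingerprints carefully, comparing the one shown in the prompt with one obtained from the server through a trusted channel.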
Summary
This article covered SSH concepts and common practical methods such as basic login, various port forwarding techniques, remote command execution, and security considerations, providing a solid foundation for further exploration of the protocol’s deeper mechanisms.
360 Zhihui Cloud Developer
360 Zhihui Cloud is an enterprise open service platform that aims to "aggregate data value and empower an intelligent future," leveraging 360's extensive product and technology resources to deliver platform services to customers.