SSH Cheat Sheet (marcobehler.com)
80 points by marcobehler on July 8, 2022 | 21 comments


Favorites for scripting including the ability to run any command or script on the remote.

  ssh remotehost reboot

Heredoc syntax also works:

  ssh remotehost <<'EOF'
  ls
  cat /etc/passwd
  reboot
  EOF


My favorite Konami code level of cheat: ssh escape sequences. On a new line: ~. to terminate a connection that’s stuck. Or ~? for more help.


Since it's sometimes unclear whether you are on a new line in a stuck terminal, I find it simpler to remember the sequence as [Return][~][.]


Great one! This needs to be communicated more broadly. I spent too many years of my life killing terminals because of a dead ssh connection.


Better yet, use Mosh.

https://mosh.org/


Thanks, indeed a great one! Will put it in the article.


PSA: scp is deprecated.[1] Please use sftp.[2]

[1] https://lwn.net/Articles/835962/

[2] https://man.openbsd.org/sftp.1


scp uses the sftp protocol by default since v8.8. You'll need to pass the `-O` parameter to explicitly use the legacy scp protocol if you still need it for backward compatibility reasons.


As an scp user, this article was not a great advertisement for sftp. It listed a whole host of problems that don't apply to me, then finished with:

"[sftp] disadvantage is a much less friendly user experience, especially in cases where one simply wants to type a command and see files move."

I just want to copy a file. I'll keep using scp.


I had that thought too, but rsync should mostly replace it. I have run into situations where rsync isn't available so scp -r has been helpful though.


IIRC, wasn't scp going to be rewritten in terms of SFTP behind the scenes?


The scp command uses the SFTP protocol since OpenSSH 9.


Didn't know that! Thank you, will update the post.



That is a useful guide - I used to do that with Spotify a long time ago, when I was living in a different country.


I like how this guide also takes Windows into account, it has some unique challenges.

I have written some notes especially on SSHFS (also for Windows!) and tunnels with SSH (e.g. SOCKS proxy) as an OrgPage: https://www.orgpad.com/s/wRIx3rNLZ6y. These tricks saved my bacon so many times already. Most of it can be used with the FUDO PAM jump host appliance (https://fudosecurity.com/fudo-pam/) that is based on FreeBSD, and one of the developers spoke about it and other things on https://www.bsdnow.tv/, I think. Some of it works with OpenWRT's Dropbear nicely as well.


I also find `ssh-copy-id` useful.


I like the idea for multiple Github accounts, but I have concerns over the suggestion:

```
Host github-work.com
..
Host github-personal.com
```

Getting in the habit of using fake FQDNs (which right now aren't registered) feels pretty risky.


This is a nifty trick, but I recently had an issue where it would offer my other keys even with IdentitiesOnly yes specified in ~/.ssh/config. I found a solution [1], but it's not the most elegant.

[1] https://superuser.com/a/859719


The most annoying "feature" of ssh for me is the discrepancy between public key presentations. How am I supposed to verify the fingerprint of a new server if it uses a different presentation in the keys file?
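The presentations mentioned in the comment above can be reconciled by hashing the base64 key blob: the `SHA256:` and `MD5:` strings that ssh and `ssh-keygen -l` display are digests of that blob. The following is an added example, not part of the thread; the key, host names and salt/hash fields are constructed sample values, and authorized_keys options containing spaces are not handled.

```python
import base64
import hashlib
import struct


def key_blob(line):
    """Return (key_type, raw_blob) from a .pub, authorized_keys or known_hosts line."""
    tokens = line.split()
    for key_type, b64 in zip(tokens, tokens[1:]):
        try:
            blob = base64.b64decode(b64, validate=True)
        except ValueError:  # not base64: host name, marker, option, comment
            continue
        if len(blob) < 4:
            continue
        # The blob begins with a length-prefixed copy of the key type; requiring
        # a match skips host fields that merely happen to be valid base64.
        (n,) = struct.unpack(">I", blob[:4])
        if blob[4:4 + n] == key_type.encode():
            return key_type, blob
    raise ValueError("no SSH public key found in line")


def fingerprints(line):
    """Compute the fingerprint strings in the forms OpenSSH displays."""
    key_type, blob = key_blob(line)
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    md5 = hashlib.md5(blob).hexdigest()  # legacy display format only
    return {"type": key_type,
            "sha256": "SHA256:" + sha,
            "md5": "MD5:" + ":".join(md5[i:i + 2] for i in range(0, 32, 2))}


def _wire(s):
    return struct.pack(">I", len(s)) + s


# Constructed sample key (not a real host key): type string + 32 key bytes.
SAMPLE_BLOB = _wire(b"ssh-ed25519") + _wire(bytes(range(32)))
B64 = base64.b64encode(SAMPLE_BLOB).decode()
PUB_LINE = f"ssh-ed25519 {B64} root@remotehost"            # /etc/ssh/*.pub style
KNOWN_HOSTS_LINE = f"remotehost,192.0.2.10 ssh-ed25519 {B64}"
HASHED_LINE = f"|1|c2FtcGxlc2FsdA==|c2FtcGxlaGFzaA== ssh-ed25519 {B64}"  # hashed host field

if __name__ == "__main__":
    for line in (PUB_LINE, KNOWN_HOSTS_LINE, HASHED_LINE):
        fp = fingerprints(line)
        print(fp["type"], fp["sha256"], fp["md5"])
```

All three lines yield the same fingerprint, which is the value to compare against the one shown in the first-connection prompt or obtained from the server over a trusted channel.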


> ssh-keygen -t rsa -b 4096 -C "your@email.com"

Is there any evidence that 2048 bit RSA keys are insufficient?

4096 bit keys are absolutely huge. I don't know if working with them is also slower, but I would guess so.



