ssh
15
总安装量
7
周安装量
#22552
全站排名
安装命令
npx skills add https://github.com/chaterm/terminal-skills --skill ssh
Agent 安装分布
opencode
4
claude-code
4
openclaw
3
codex
2
gemini-cli
2
Skill 文档
SSH 管çä¸å®å ¨
æ¦è¿°
SSH å¯é¥ç®¡çãè·³æ¿æºé ç½®ã端å£è½¬åãå®å ¨å åºçæè½ã
åºç¡è¿æ¥
è¿æ¥å½ä»¤
# åºç¡è¿æ¥
ssh user@hostname
ssh -p 2222 user@hostname # æå®ç«¯å£
# æ§è¡è¿ç¨å½ä»¤
ssh user@hostname "command"
ssh user@hostname 'ls -la && df -h'
# 详ç»è¾åºï¼è°è¯ï¼
ssh -v user@hostname
ssh -vvv user@hostname # æ´è¯¦ç»
é ç½®æ件
# ~/.ssh/config
Host myserver
HostName 192.168.1.100
User admin
Port 22
IdentityFile ~/.ssh/id_rsa_myserver
Host dev-*
User developer
IdentityFile ~/.ssh/id_rsa_dev
Host *
ServerAliveInterval 60
ServerAliveCountMax 3
AddKeysToAgent yes
# 使ç¨é
ç½®
ssh myserver
å¯é¥ç®¡ç
çæå¯é¥
# çæ RSA å¯é¥ï¼æ¨è 4096 ä½ï¼
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
# çæ Ed25519 å¯é¥ï¼æ¨èï¼
ssh-keygen -t ed25519 -C "your_email@example.com"
# æå®æ件å
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_work
# ä¿®æ¹å¯ç
ssh-keygen -p -f ~/.ssh/id_rsa
é¨ç½²å ¬é¥
# æ¹å¼1ï¼ssh-copy-id
ssh-copy-id user@hostname
ssh-copy-id -i ~/.ssh/id_ed25519.pub user@hostname
# æ¹å¼2ï¼æå¨å¤å¶
cat ~/.ssh/id_ed25519.pub | ssh user@hostname "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
# æ¹å¼3ï¼ç´æ¥ç¼è¾
ssh user@hostname
echo "public_key_content" >> ~/.ssh/authorized_keys
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
SSH Agent
# å¯å¨ agent
eval "$(ssh-agent -s)"
# æ·»å å¯é¥
ssh-add ~/.ssh/id_rsa
ssh-add -l # ååºå·²æ·»å çå¯é¥
# 转å agentï¼è·³æ¿æºåºæ¯ï¼
ssh -A user@jumphost
端å£è½¬å
æ¬å°è½¬å
# å°æ¬å°ç«¯å£è½¬åå°è¿ç¨
ssh -L local_port:target_host:target_port user@ssh_server
# 示ä¾ï¼è®¿é®è¿ç¨ MySQL
ssh -L 3306:localhost:3306 user@dbserver
mysql -h 127.0.0.1 -P 3306
# 示ä¾ï¼è®¿é®å
ç½æå¡
ssh -L 8080:internal.server:80 user@jumphost
curl http://localhost:8080
è¿ç¨è½¬å
# å°è¿ç¨ç«¯å£è½¬åå°æ¬å°
ssh -R remote_port:local_host:local_port user@ssh_server
# 示ä¾ï¼æ´é²æ¬å°æå¡
ssh -R 8080:localhost:3000 user@public_server
# ç°å¨å¯ä»¥éè¿ public_server:8080 访é®æ¬å° 3000 端å£
å¨æ转åï¼SOCKS 代çï¼
# å建 SOCKS5 代ç
ssh -D 1080 user@ssh_server
# 使ç¨ä»£ç
curl --socks5 localhost:1080 http://example.com
åå°è¿è¡
# åå°è¿è¡é§é
ssh -fNL 3306:localhost:3306 user@server
# -f åå°è¿è¡
# -N ä¸æ§è¡è¿ç¨å½ä»¤
# -L æ¬å°è½¬å
è·³æ¿æºé ç½®
ProxyJumpï¼æ¨èï¼
# å½ä»¤è¡
ssh -J jumphost user@target
# é
ç½®æ件
Host target
HostName 192.168.1.100
User admin
ProxyJump jumphost
Host jumphost
HostName jump.example.com
User jumper
ProxyCommand
# é
ç½®æ件
Host target
HostName 192.168.1.100
User admin
ProxyCommand ssh -W %h:%p jumphost
å®å ¨å åº
sshd_config é ç½®
# /etc/ssh/sshd_config
# ç¦ç¨å¯ç ç»å½
PasswordAuthentication no
ChallengeResponseAuthentication no
# ç¦ç¨ root ç»å½
PermitRootLogin no
# éå¶ç¨æ·
AllowUsers admin developer
AllowGroups sshusers
# ä¿®æ¹ç«¯å£
Port 2222
# éå¶ç»å½å°è¯
MaxAuthTries 3
MaxSessions 5
# 空é²è¶
æ¶
ClientAliveInterval 300
ClientAliveCountMax 2
# ç¦ç¨ä¸å®å
¨é项
X11Forwarding no
PermitEmptyPasswords no
åºç¨é ç½®
# æµè¯é
ç½®
sshd -t
# éè½½é
ç½®
systemctl reload sshd
常è§åºæ¯
åºæ¯ 1ï¼æ¹éæ§è¡å½ä»¤
# ä½¿ç¨ for 循ç¯
for host in server1 server2 server3; do
ssh $host "uptime"
done
# ä½¿ç¨ parallel-ssh
pssh -h hosts.txt -i "uptime"
åºæ¯ 2ï¼æä»¶ä¼ è¾
# scp
scp file.txt user@host:/path/
scp -r dir/ user@host:/path/
scp user@host:/path/file.txt ./
# rsync over SSH
rsync -avz -e ssh source/ user@host:/dest/
åºæ¯ 3ï¼ä¿æè¿æ¥
# ~/.ssh/config
Host *
ServerAliveInterval 60
ServerAliveCountMax 3
TCPKeepAlive yes
# ä½¿ç¨ autossh
autossh -M 0 -fN -L 3306:localhost:3306 user@server
æ éææ¥
| é®é¢ | ææ¥æ¹æ³ |
|---|---|
| è¿æ¥è¶ æ¶ | æ£æ¥ç½ç»ãé²ç«å¢ãç«¯å£ |
| æé被æç» | æ£æ¥å¯é¥æé (600)ãauthorized_keys |
| Host key åæ´ | ssh-keygen -R hostname |
| Agent 转å失败 | æ£æ¥ AllowAgentForwarding |
| è¿æ¥æå¼ | é
ç½® ServerAliveInterval |
# è°è¯è¿æ¥
ssh -vvv user@hostname
# æ£æ¥å¯é¥æé
ls -la ~/.ssh/
# id_rsa: 600
# id_rsa.pub: 644
# authorized_keys: 600
# ~/.ssh: 700