Wikipedia says: “Secure Shell (SSH) is a cryptographic network protocol for secure data communication”. Briefly, it’s a protocol used mainly for remote connecting to computers. From its predecessor (Telnet) it differs mostly in the way the connection is handled – the whole communication is being encrypted.
Most developers and administrators using SSH to simply access to the command line of the remote computer (called “console”). However SSH provides much more…
Remote and local ports tunneling
Local tunneling allows you to redirect incoming traffic on a local port to the appropriate remote port. For instance, we can “connect” the local port 4406 MySql database that is running on the server 3306 port (for security reasons MySql server may not be accessed remotely in a direct way). To achieve that, use the “–L” when connecting to the server:
ssh -L 4406:127.0.0.1:3306 user@host
Once the SSH connection is established, you should be able to connect to the remote database server on your local port 4406.
Remote tunneling is kind of a reversed mechanism, redirects traffic from the remote port to the appropriate local port. So similarly to the previous example, to allow connections to your local database (running on the standard 3306 port) on the server’s 4406 port, use the “–R” option:
ssh -R 4406:127.0.0.1:3306 user@host
Remote start GUI programs
SSH allows remote execution of programs in graphic mode. For example, to remotely run graphical interface Nautilus file browser just type (“-X” – X11 forwarding, “f” – the background):
ssh- fX user@host nautilus
Remote running programs in the graphic mode may cause some delays in the user interface, mainly due to the connection speed limitations.
Use SSH in the I/O stream
Redirecting a processes input and output can greatly simplify advanced operations. For example, shifting a copy of MySql database from the local machine to the remote machine can be executed as a single command :
mysqldump -uLocalDbUser -pRemoteDbPassword LocalDbname | ssh user@host 'mysql -uRemoteDbUser -pRemoteDbPassword RemoteDbName'
Or a simple comparison of a local file to a file on the remote computer:
ssh user@host 'cat /path_to/remote_file' | diff /path_to/local_file
I would like to emphasize again that the communication in the SSH is encrypted, therefore, all the above steps are safe (e.g. SQL export files do not run the network as a clear text).
I hope that the presented commands can be helpful for any programmer or administrator!