====== ssh ======
==== Keyboard shortcuts ====
^ Combo ^ Effect ^ Example ^
| <key>Return</key> <key>~</key> <key>.</key> | Terminate session | |
| <key>Return</key> <key>~</key> <key>~</key> <key>.</key> | Terminate session //within// another session | |
| <key>Return</key> <key>~</key> <kbd>Ctrl+Z</kbd> | Background ssh | |
| <key>Return</key> <key>~</key> <key>c</key> | Open command line (add/remove port forwardings) | Enter command line, then ''-L 8443:localhost:443'' <key>Return</key> |
| <key>Return</key> <key>~</key> <key>?</key> | Show all shortcuts | |
==== Options ====
^ Flag ^ Function ^ Example ^
| ''-A'' | forward key to authenticate to other machines | ''ssh -A $SERVER'' |
| ''-D'' | dynamic port forwarding (SOCKS proxy) | ''ssh -D 55555 $SERVER'' |
| ''-g'' | allow remote hosts to connect to locally forwarded hosts | ''ssh -g -L 8080:localhost:80 $SERVER'' |
| ''-i'' | specify private key | ''ssh -i alt-ed25519 $SERVER'' |
| ''-L'' | forward remote port 80 to local port 8080 | ''ssh -L 8080:192.168.0.4:80 $SERVER'' |
| ''-N'' | don't execute any command or shell on connection | |
| ''-t'' | pseudo-terminal | ''ssh -t $SERVER tmux attach'' |
| ''-R'' | forward local port 80 to remote port 8080 | ''ssh -R 8080:localhost:80'' |
| ''-X'' | enable X forwarding | ''ssh -X $SERVERNAME'' |

==== Useful combinations of options ====
^ Example ^ Description ^
| ''ssh -f -N -L 8080:localhost:80 $SERVER'' | forward remote port 80 without opening a shell (daemon-style) |
| ''ssh -fMN $SERVER'' | Create a master session without opening a shell (see below: ''ControlMaster'' |

==== Client configuration (~/.ssh/config) ====
=== Host Matching ===
^ Pattern ^ Effect ^
| ''*'' | match any host |
| ''bob'' | match "bob" |
| ''192.168.0.1?'' | match 192.168.0.10-19 |

=== Available Options ===
^ Option ^ Description ^
| ''Compression'' | whether to use compression (-C) |
| ''ControlMaster [auto]'' | use a single TCP connection for all sessions to this host |
| ''ControlPath [socket path]'' | use this socket for the master session |
| ''DynamicForward [port]'' | dynamic forwarding (-D) |
| ''ForwardAgent'' | whether to use authentication forwarding (-a) | 
| ''ForwardX11'' | always redirect X11 connections |
| ''HostName'' | actual address of the target machine |
| ''IdentityFile'' | use this key instead of the default file |
| ''Port'' | which port to connect to |
| ''ProxyJump'' | connect to this ssh server and connect to target machine from here |
| ''StrictHostKeyChecking [no]'' | (Don't) ask when host is not in known_hosts |
| ''UseKeychain'' | use Keychain to remember ssh passphrase (macOS only) |
| ''User'' | |


=== Example ===
<code sshconfig>
Host *
	UseKeychain yes

Host server1-www
	HostName example.com
	User user
	Port 41234
	ControlMaster auto
	ControlPath ~/.ssh/cm_socket/%r@%h:%p
	IdentityFile ~/.ssh/private_id_ed25519

Host server2-www
	HostName inky
	User username
	ProxyJump server1-www
	IdentityFile ~/.ssh/private_id_ed25519
</code>