OpenSSH SSH client (remote login program)
|
-N Do not execute a remote command. This is useful for just forwarding ports (protocol version 2
only).
|
-T Disable pseudo-tty allocation.
|
-o option
Can be used to give options in the format used in the configuration file. This is useful for
specifying options for which there is no separate command-line flag. For full details of the
options listed below, and their possible values, see ssh_config(5).
AddressFamily
BatchMode
BindAddress
ChallengeResponseAuthentication
CheckHostIP
Cipher
Ciphers
ClearAllForwardings
Compression
CompressionLevel
ConnectionAttempts
ConnectTimeout
ControlMaster
ControlPath
DynamicForward
EscapeChar
ExitOnForwardFailure
ForwardAgent
ForwardX11
ForwardX11Trusted
GatewayPorts
GlobalKnownHostsFile
GSSAPIAuthentication
GSSAPIDelegateCredentials
HashKnownHosts
Host
HostbasedAuthentication
HostKeyAlgorithms
HostKeyAlias
HostName
IdentityFile
IdentitiesOnly
IPQoS
KbdInteractiveDevices
KexAlgorithms
LocalCommand
LocalForward
LogLevel
MACs
NoHostAuthenticationForLocalhost
NumberOfPasswordPrompts
PasswordAuthentication
PermitLocalCommand
PKCS11Provider
Port
PreferredAuthentications
Protocol
ProxyCommand
PubkeyAuthentication
RekeyLimit
RemoteForward
RequestTTY
RhostsRSAAuthentication
RSAAuthentication
SendEnv
ServerAliveInterval
ServerAliveCountMax
StrictHostKeyChecking
TCPKeepAlive
Tunnel
TunnelDevice
UsePrivilegedPort
User
UserKnownHostsFile
VerifyHostKeyDNS
VisualHostKey
XAuthLocation
|
-p port
Port to connect to on the remote host. This can be specified on a per-host basis in the
configuration file.
|
-R [bind_address:]port:host:hostport
Specifies that the given port on the remote (server) host is to be forwarded to the given host and
port on the local side. This works by allocating a socket to listen to port on the remote side,
and whenever a connection is made to this port, the connection is forwarded over the secure
channel, and a connection is made to host port hostport from the local machine.
Port forwardings can also be specified in the configuration file. Privileged ports can be
forwarded only when logging in as root on the remote machine. IPv6 addresses can be specified by
enclosing the address in square braces.
By default, the listening socket on the server will be bound to the loopback interface only. This
may be overridden by specifying a bind_address. An empty bind_address, or the address ‘*’,
indicates that the remote socket should listen on all interfaces. Specifying a remote bind_address
will only succeed if the server's GatewayPorts option is enabled (see sshd_config(5)).
If the port argument is ‘0’, the listen port will be dynamically allocated on the server and
reported to the client at run time. When used together with -O forward the allocated port will be
printed to the standard output.
|
-i identity_file
Selects a file from which the identity (private key) for public key authentication is read. The
default is ~/.ssh/identity for protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa and
~/.ssh/id_rsa for protocol version 2. Identity files may also be specified on a per-host basis in
the configuration file. It is possible to have multiple -i options (and multiple identities
specified in configuration files). ssh will also try to load certificate information from the
filename obtained by appending -cert.pub to identity filenames.
|
ssh connects and logs into the specified hostname (with optional user name). The user must prove his/her
identity to the remote machine using one of several methods depending on the protocol version used (see
below).
If command is specified, it is executed on the remote host instead of a login shell.
|