Things and Stuff Wiki - an organically evolving personal wiki knowledge base with a totally on-the-fly taxonomy containing topic outlines, descriptions and breadcrumbs, with links to sites, systems, software, manuals, organisations, people, articles, guides, slides, papers, books, comments, screencasts, webcasts, scratchpads and more. use the Table of Contents to navigate and the Small-ToC / Tiny-TOC header links on longer pages. probably not that mobile friendly atm. i am milk on freenode, give me a pm for feedback, or see About for login and further information. / et / em
- 1 General
- 2 Server and client
- 3 Server
- 4 Client
- 5 Management
- 6 Keys
- 7 SCP
- 8 SSHFS
- 9 Security
- 10 X11 forwarding
- 11 Web forwarding
- 12 Tools
- 13 To sort
ssh user@host ssh user@host -p 123 # specify alternate port
- O'Reilly's SSH, The Secure Shell: The Definitive Guide: 1.5. History of SSH
- http://unix.stackexchange.com/questions/309938/is-your-ssh-password-revealed-when-you-attempt-to-connect-to-the-wrong-server 
"Make sure you use full disk encryption and never stand up from your machine without locking it, and make sure you keep your local machine patched. If I get code execution on your machine, I am going to use whatever keys are loaded in your ssh-agent to pivot, hijack your existing open sessions, or modify your ssh client to dump the keys I need. ... Key length is a protection against the future, and against state level actors. Right now, key length doesn't matter much to me because I'm more focused on just stealing your keys from you regardless of length."
Server and client
The OpenSSH suite consists of the following tools:
- Remote operations are done using ssh, scp, and sftp.
- Key management with ssh-add, ssh-keysign, ssh-keyscan, and ssh-keygen.
- The service side consists of sshd, sftp-server, and ssh-agent.
- Dropbear is a relatively small SSH server and client. It runs on a variety of POSIX-based platforms. Dropbear is open source software, distributed under a MIT-style license. Dropbear is particularly useful for "embedded"-type Linux (or other Unix) systems, such as wireless routers.
- storm is a command line tool to manage your ssh connections. features; adding, editing, deleting, listing, searching across your SSHConfig. command alias support for your CLI preferences. support for custom SSH directives. scriptable as a python library.
user interfaces besides cli. (web ui, wxpython, unity(ubuntu) indicator.) 
- multissh - A really short but useful shellscript for connecting to all nodes of a cluster using ssh (also thru gateways and trapdoors) and sending commands to all nodes in parallel. It's using DCOP to remote-control a konsole process with the ssh connections in seperate tabs.
Default file name format;
~/.ssh/id_rsa and ~/.ssh/id_rsa.pub RSA key
~/.ssh/identity and ~/.ssh/identity.pub DSA key (old)
ssh-keygen create a key. rsa is default.
ssh-copy-id [-i [identity_file]] [user@]remote ssh-copy-id firstname.lastname@example.org
ssh-copy-id 'email@example.com -p 8129' ssh-copy-id -i ~/.ssh/id_ecdsa.pub '-p 221 firstname.lastname@example.org'
ssh -i ~/.ssh/id_rsa_example.org
Host example.org IdentityFile ~/.ssh/id_rsa_example.org
- sshit - A quick way to manage .ssh/config
- Envoy helps you to manage ssh keys in similar fashion to keychain, but done in c, takes advantage of cgroups and systemd.
- SSH Can Do That? Productivity Tips for Working with Remote Servers
- Tips for Remote Unix Work (SSH, screen, and VNC) 
- HOWTO: set up ssh keys
- Using Rsync and SSH - Keys, Validating, and Automation
scp -P [port] file.txt user@remotehose:~/file.txt
When scp on remote is initiated, it done so with -t flag, which is undocumented but might be required for precise command persmission configuration.
sshfs user@address:/home/user/dir dirtomountto -p [port] mount fusermount -u dirtomountto unmount
fuse: failed to open /dev/fuse: Permission denied
usermod -G fuse [username]
TOTP port fluxing
See GUI#X Forwarding
- https://wiki.archlinux.org/index.php/Shfs - older Linux kernel module which allows you to mount remote filesystems using a plain shell (ssh) connection