ssh-essentials
Essential SSH commands for secure remote access, key management, tunneling, and file transfers.
Best use case
ssh-essentials is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Essential SSH commands for secure remote access, key management, tunneling, and file transfers.
Teams using ssh-essentials should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/ssh-essentials-1.0.0/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How ssh-essentials Compares
| Feature / Agent | ssh-essentials | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Essential SSH commands for secure remote access, key management, tunneling, and file transfers.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# SSH Essentials
Secure Shell (SSH) for remote access and secure file transfers.
## Basic Connection
### Connecting
```bash
# Connect with username
ssh user@hostname
# Connect to specific port
ssh user@hostname -p 2222
# Connect with verbose output
ssh -v user@hostname
# Connect with specific key
ssh -i ~/.ssh/id_rsa user@hostname
# Connect and run command
ssh user@hostname 'ls -la'
ssh user@hostname 'uptime && df -h'
```
### Interactive use
```bash
# Connect with forwarding agent
ssh -A user@hostname
# Connect with X11 forwarding (GUI apps)
ssh -X user@hostname
ssh -Y user@hostname # Trusted X11
# Escape sequences (during session)
# ~. - Disconnect
# ~^Z - Suspend SSH
# ~# - List forwarded connections
# ~? - Help
```
## SSH Keys
### Generating keys
```bash
# Generate RSA key
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
# Generate ED25519 key (recommended)
ssh-keygen -t ed25519 -C "your_email@example.com"
# Generate with custom filename
ssh-keygen -t ed25519 -f ~/.ssh/id_myserver
# Generate without passphrase (automation)
ssh-keygen -t ed25519 -N "" -f ~/.ssh/id_deploy
```
### Managing keys
```bash
# Copy public key to server
ssh-copy-id user@hostname
# Copy specific key
ssh-copy-id -i ~/.ssh/id_rsa.pub user@hostname
# Manual key copy
cat ~/.ssh/id_rsa.pub | ssh user@hostname 'cat >> ~/.ssh/authorized_keys'
# Check key fingerprint
ssh-keygen -lf ~/.ssh/id_rsa.pub
# Change key passphrase
ssh-keygen -p -f ~/.ssh/id_rsa
```
### SSH agent
```bash
# Start ssh-agent
eval $(ssh-agent)
# Add key to agent
ssh-add ~/.ssh/id_rsa
# List keys in agent
ssh-add -l
# Remove key from agent
ssh-add -d ~/.ssh/id_rsa
# Remove all keys
ssh-add -D
# Set key lifetime (seconds)
ssh-add -t 3600 ~/.ssh/id_rsa
```
## Port Forwarding & Tunneling
### Local port forwarding
```bash
# Forward local port to remote
ssh -L 8080:localhost:80 user@hostname
# Access via: http://localhost:8080
# Forward to different remote host
ssh -L 8080:database.example.com:5432 user@jumphost
# Access database through jumphost
# Multiple forwards
ssh -L 8080:localhost:80 -L 3306:localhost:3306 user@hostname
```
### Remote port forwarding
```bash
# Forward remote port to local
ssh -R 8080:localhost:3000 user@hostname
# Remote server can access localhost:3000 via its port 8080
# Make service accessible from remote
ssh -R 9000:localhost:9000 user@publicserver
```
### Dynamic port forwarding (SOCKS proxy)
```bash
# Create SOCKS proxy
ssh -D 1080 user@hostname
# Use with browser or apps
# Configure SOCKS5 proxy: localhost:1080
# With Firefox
firefox --profile $(mktemp -d) \
--preferences "network.proxy.type=1;network.proxy.socks=localhost;network.proxy.socks_port=1080"
```
### Background tunnels
```bash
# Run in background
ssh -f -N -L 8080:localhost:80 user@hostname
# -f: Background
# -N: No command execution
# -L: Local forward
# Keep alive
ssh -o ServerAliveInterval=60 -L 8080:localhost:80 user@hostname
```
## Configuration
### SSH config file (`~/.ssh/config`)
```
# Simple host alias
Host myserver
HostName 192.168.1.100
User admin
Port 2222
# With key and options
Host production
HostName prod.example.com
User deploy
IdentityFile ~/.ssh/id_prod
ForwardAgent yes
# Jump host (bastion)
Host internal
HostName 10.0.0.5
User admin
ProxyJump bastion
Host bastion
HostName bastion.example.com
User admin
# Wildcard configuration
Host *.example.com
User admin
ForwardAgent yes
# Keep connections alive
Host *
ServerAliveInterval 60
ServerAliveCountMax 3
```
### Using config
```bash
# Connect using alias
ssh myserver
# Jump through bastion automatically
ssh internal
# Override config options
ssh -o "StrictHostKeyChecking=no" myserver
```
## File Transfers
### SCP (Secure Copy)
```bash
# Copy file to remote
scp file.txt user@hostname:/path/to/destination/
# Copy file from remote
scp user@hostname:/path/to/file.txt ./local/
# Copy directory recursively
scp -r /local/dir user@hostname:/remote/dir/
# Copy with specific port
scp -P 2222 file.txt user@hostname:/path/
# Copy with compression
scp -C large-file.zip user@hostname:/path/
# Preserve attributes (timestamps, permissions)
scp -p file.txt user@hostname:/path/
```
### SFTP (Secure FTP)
```bash
# Connect to SFTP server
sftp user@hostname
# Common SFTP commands:
# pwd - Remote working directory
# lpwd - Local working directory
# ls - List remote files
# lls - List local files
# cd - Change remote directory
# lcd - Change local directory
# get file - Download file
# put file - Upload file
# mget *.txt - Download multiple files
# mput *.jpg - Upload multiple files
# mkdir dir - Create remote directory
# rmdir dir - Remove remote directory
# rm file - Delete remote file
# exit/bye - Quit
# Batch mode
sftp -b commands.txt user@hostname
```
### Rsync over SSH
```bash
# Sync directory
rsync -avz /local/dir/ user@hostname:/remote/dir/
# Sync with progress
rsync -avz --progress /local/dir/ user@hostname:/remote/dir/
# Sync with delete (mirror)
rsync -avz --delete /local/dir/ user@hostname:/remote/dir/
# Exclude patterns
rsync -avz --exclude '*.log' --exclude 'node_modules/' \
/local/dir/ user@hostname:/remote/dir/
# Custom SSH port
rsync -avz -e "ssh -p 2222" /local/dir/ user@hostname:/remote/dir/
# Dry run
rsync -avz --dry-run /local/dir/ user@hostname:/remote/dir/
```
## Security Best Practices
### Hardening SSH
```bash
# Disable password authentication (edit /etc/ssh/sshd_config)
PasswordAuthentication no
PubkeyAuthentication yes
# Disable root login
PermitRootLogin no
# Change default port
Port 2222
# Use protocol 2 only
Protocol 2
# Limit users
AllowUsers user1 user2
# Restart SSH service
sudo systemctl restart sshd
```
### Connection security
```bash
# Check host key
ssh-keygen -F hostname
# Remove old host key
ssh-keygen -R hostname
# Strict host key checking
ssh -o StrictHostKeyChecking=yes user@hostname
# Use specific cipher
ssh -c aes256-ctr user@hostname
```
## Troubleshooting
### Debugging
```bash
# Verbose output
ssh -v user@hostname
ssh -vv user@hostname # More verbose
ssh -vvv user@hostname # Maximum verbosity
# Test connection
ssh -T user@hostname
# Check permissions
ls -la ~/.ssh/
# Should be: 700 for ~/.ssh, 600 for keys, 644 for .pub files
```
### Common issues
```bash
# Fix permissions
chmod 700 ~/.ssh
chmod 600 ~/.ssh/id_rsa
chmod 644 ~/.ssh/id_rsa.pub
chmod 644 ~/.ssh/authorized_keys
# Clear known_hosts entry
ssh-keygen -R hostname
# Disable host key checking (not recommended)
ssh -o StrictHostKeyChecking=no user@hostname
```
## Advanced Operations
### Jump hosts (ProxyJump)
```bash
# Connect through bastion
ssh -J bastion.example.com user@internal.local
# Multiple jumps
ssh -J bastion1,bastion2 user@final-destination
# Using config (see Configuration section above)
ssh internal # Automatically uses ProxyJump
```
### Multiplexing
```bash
# Master connection
ssh -M -S ~/.ssh/control-%r@%h:%p user@hostname
# Reuse connection
ssh -S ~/.ssh/control-user@hostname:22 user@hostname
# In config:
# ControlMaster auto
# ControlPath ~/.ssh/control-%r@%h:%p
# ControlPersist 10m
```
### Execute commands
```bash
# Single command
ssh user@hostname 'uptime'
# Multiple commands
ssh user@hostname 'cd /var/log && tail -n 20 syslog'
# Pipe commands
cat local-script.sh | ssh user@hostname 'bash -s'
# With sudo
ssh -t user@hostname 'sudo command'
```
## Tips
- Use SSH keys instead of passwords
- Use `~/.ssh/config` for frequently accessed hosts
- Enable SSH agent forwarding carefully (security risk)
- Use ProxyJump for accessing internal networks
- Keep SSH client and server updated
- Use fail2ban or similar to prevent brute force
- Monitor `/var/log/auth.log` for suspicious activity
- Use port knocking or VPN for additional security
- Backup your SSH keys securely
- Use different keys for different purposes
## Documentation
Official docs: https://www.openssh.com/manual.html
Man pages: `man ssh`, `man ssh_config`, `man sshd_config`Related Skills
acpx
Use the ACPX CLI through DrClaw's existing exec/long_exec tools to run Codex in the current project workspace.
ui-ux-pro-max
[Frontend] Frontend UI/UX design intelligence - activate FIRST when user requests beautiful, stunning, gorgeous, or aesthetic interfaces. 50 styles, 21 palettes, 50 font pairings, 20 charts, 8 stacks. Triggers on ui design, ux design, design system, color palette, typography, glassmorphism, claymorphism, neumorphism, bento grid, font pairing, ui-ux-pro-max, stunning interface, beautiful ui.
fetch
Fetch metadata and links from arXiv for a given query.
web_literature_mining
Scientific Literature Mining - Mine scientific literature: PubMed search, arXiv search, web search, and Tavily deep search. Use this skill for scientific informatics tasks involving pubmed search search literature search web tavily search. Combines 4 tools from 2 SCP server(s).
uniprot_deep_analysis
UniProt Deep Protein Analysis - Deep UniProt analysis: entry data, UniRef clusters, UniParc cross-references, and gene-centric view. Use this skill for protein science tasks involving get uniprotkb entry by accession get uniref cluster by id get uniparc entry by upi get gene centric by accession. Combines 4 tools from 1 SCP server(s).
synthetic_biology_design
Synthetic Biology Design - Design synthetic biology construct: gene lookup, codon optimization, protein property prediction, and structure prediction. Use this skill for synthetic biology tasks involving get sequence id DegenerateCodonCalculatorbyAminoAcid calculate protein sequence properties pred protein structure esmfold. Combines 4 tools from 4 SCP server(s).
structural_homology_modeling
Structural Homology & Evolution Analysis - Analyze protein evolution: get gene tree from Ensembl, find homologs, compare sequences, and predict structure. Use this skill for evolutionary biology tasks involving get homology symbol get genetree member symbol calculate protein sequence properties pred protein structure esmfold. Combines 4 tools from 3 SCP server(s).
proteome_analysis
Proteome-Level Analysis - Analyze at proteome level: get proteome from UniProt, gene-centric view, functional annotation from STRING. Use this skill for proteomics tasks involving get proteome by id get gene centric by proteome get functional annotation. Combines 3 tools from 2 SCP server(s).
protein_structure_analysis
Protein Structure Comprehensive Analysis - Comprehensive structure analysis: download PDB, extract chains, calculate geometry, quality metrics, and composition. Use this skill for structural biology tasks involving retrieve protein data by pdbcode extract pdb chains calculate pdb structural geometry calculate pdb quality metrics calculate pdb composition info. Combines 5 tools from 1 SCP server(s).
protein_solubility_optimization
Protein Solubility Optimization - Optimize protein solubility: calculate properties, predict solubility, predict hydrophilicity, and suggest mutations. Use this skill for protein engineering tasks involving calculate protein sequence properties predict protein function ComputeHydrophilicity zero shot sequence prediction. Combines 4 tools from 3 SCP server(s).
protein_similarity_search
Protein Similarity Search - Search for similar proteins: extract sequence from PDB, search structures with FoldSeek, find homologs with STRING, and check UniProt. Use this skill for bioinformatics tasks involving extract pdb sequence foldseek search get best similarity hits between species search uniprotkb entries. Combines 4 tools from 3 SCP server(s).
protein_quality_assessment
Protein Structure Quality Assessment - Assess structure quality: basic info, geometry analysis, quality metrics, composition, and visualization. Use this skill for structural biology tasks involving calculate pdb basic info calculate pdb structural geometry calculate pdb quality metrics calculate pdb composition info visualize protein. Combines 5 tools from 1 SCP server(s).