---
title: SSH
kind: note
description: industry standard for server connectivity
words: 215
readingMinutes: 1
created: '2024-08-18T14:39:06+02:00'
updated: '2026-03-11T08:42:46+01:00'
website: https://www.openssh.com/
---
## Link

<https://www.openssh.com/>

# Notes
> The **Secure Shell Protocol** (**SSH**) is a [cryptographic](https://en.wikipedia.org/wiki/Cryptography "Cryptography") [network protocol](https://en.wikipedia.org/wiki/Network_protocol "Network protocol") for operating [network services](https://en.wikipedia.org/wiki/Network_service "Network service") securely over an unsecured network.[\[2\]](https://en.wikipedia.org/wiki/Secure_Shell#cite_note-rfc4251-2) Its most notable applications are remote [login](https://en.wikipedia.org/wiki/Login "Login") and [command-line](https://en.wikipedia.org/wiki/Command-line_interface "Command-line interface") execution.
>
Source: [Wikipedia](https://en.wikipedia.org/wiki/Secure_Shell)
# FAQ
## Download a directory from a SSH server into an archive
```bash
scp -r username@hostname:/path/from/remote /path/to/local
```
Source: [StackOverflow](https://stackoverflow.com/a/37387546/1809477)
## Could not load host key: /etc/ssh/ssh_host_ed25519_key
> If you’re getting this error message in the log file, you most likely have the ed25519 HostKey enabled in your sshd_config file but for some reason, no host key was generated for it.
>
> Since openssh-6.4 you can run the ssh-keygen command to generate any missing host keys:
```bash
  ssh-keygen -A
```
Source: <https://trick77.com/could-not-load-host-key-etcsshssh_host_ed25519_key/>
## Starting OpenSSH client from Python
```python
 subprocess.call([
  "ssh", # Path to ssh
  "-i", # Use private key file
  "~/.ssh/id_rsa", # Path to private key
  "user@hostname" # Host and username to connect with
])
```
## Changing the comment field of an RSA key
> All I had to do was
>
> ```shell
> ssh-keygen -c -C "my new comment" -f ~/.ssh/my_ssh_key
> ```
Source: [SuperUser](https://superuser.com/a/1368078/285619)
## Switching directory automatically after connecting with SSH
Add an entry in the local SSH config:
```text filename=~/.ssh/config
Host SOME_HOSTNAME
  RemoteCommand cd DESIRED_DIRECTORY ; /usr/bin/env bash
  RequestTTY yes
```
## Agent forwarding on a connection basis
```shell
ssh -A user@host
```
## Use local aliases on SSH servers
See [Gemini conversation](https://gemini.google.com/share/5059e487e915)
# Resources
- [ArchWiki: SSH keys](https://wiki.archlinux.org/title/SSH_keys)
- [Howto secure openssh-6.x](https://chr4.org/posts/2014-09-13-howto-secure-openssh-newer-versions/)
- [How to Harden SSH with Identities and Certificates](http://159.69.3.96/docs/SSH/Howto_Harden_SSH_With_Identities_And_Certificates.html)
- [OpenSSH - MozillaWiki](https://infosec.mozilla.org/guidelines/openssh)
  > The goal of this document is to help operational teams with the configuration of OpenSSH server and client.
- [new openssh key format and bcrypt pbkdf](https://flak.tedunangst.com/post/new-openssh-key-format-and-bcrypt-pbkdf)
- [OpenSSH key management](https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_keymanagement) on Windows 10, Windows Server 2019 and Windows Server 2022