-1 | Forces ssh to try protocol version 1 only |
-2 | Forces ssh to try protocol version 2 only |
-4 | Forces ssh to use IPv4 addresses only |
-6 | Forces ssh to use IPv6 addresses only |
-A | Enables forwarding of the authentication agent connection |
-a | Disables forwarding of the authentication agent connection |
-b <bind address> | Use bind_address on the local machine as the source address of the connection |
-C | Requests compression of all data (including stdin, stdout, stderr, and data for forwarded X11 and TCP connections) |
-c <cipher spec> | Selects the cipher specification for encrypting the session |
-D <port> | Specifies a local 'dynamic' application-level port forwarding |
-e <escape char> | Sets the escape character for sessions with a pty (default: '~') |
-F <configfile> | Specifies an alternative per-user configuration file |
-f | Requests ssh to go to background just before command execution |
-g | Allows remote hosts to connect to local forwarded ports |
-I <pkcs11> | Specify the PKCS#11 shared library ssh should use to communicate with a PKCS#11 token providing the user's private RSA key |
-i <identity file> | |
-K | Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI credentials to the server |
-k | Disables forwarding (delegation) of GSSAPI credentials to the server |
-L <port:host:hostport> | Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side |
-l <login name> | Specifies the user to log in as on the remote machine |
-M | |
-m <mac spec> | Additionally, for protocol version 2 a comma-separated list of MAC (message authentication code) algorithms can be specified in order of preference |
-N | Do not execute a remote command |
-n | Redirects stdin from /dev/null (actually, prevents reading from stdin) |
-O <ctl cmd> | Control an active connection multiplexing master process |
-o <option> | |
-p <port> | Port to connect to on the remote host |
-q | Quiet mode. Causes most warning and diagnostic messages to be suppressed |
-R <port:host:hostport> | Specifies that the given port on the remote (server) host is to be forwarded to the given host and port on the local side |
-S <ctl_path> | Specifies the location of a control socket for connection sharing, or the string 'none' to disable connection sharing |
-s | May be used to request invocation of a subsystem on the remote system |
-T | Disable pseudo-tty allocation |
-t | |
-V | Display the version number and exit |
-v | - Repeatable ♾
- Repeatable 3x
|
-W <host:port> | Requests that standard input and output on the client be forwarded to host on port over the secure channel |
-w <local tun> | Requests tunnel device forwarding with the specified tun(4) devices between the client (local_tun) and the server (remote_tun) |
-X | Enables X11 forwarding |
-x | Disables X11 forwarding |
-Y | Enables trusted X11 forwarding |
-y | Send log information using the syslog(3) system module |