2.6k
GitHub Stars
2
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openclaw/skills --skill ssh-tunnel- _meta.json284 B
- SKILL.md9.9 KB
Overview
This skill teaches practical SSH tunneling, port forwarding, and secure remote access patterns. It focuses on local, remote, and dynamic forwards, jump hosts, multiplexing, key management, file transfer, and common debugging steps. The goal is fast, reliable remote access and safe operational patterns for development and production workflows.
How this skill works
It inspects and documents concrete SSH commands, ~/.ssh/config patterns, and operational procedures to set up tunnels, jump hosts, and connection reuse. It explains how to generate and deploy keys, start agent forwarding, run scp/rsync over SSH, and diagnose connection failures with verbose logging and network tests. Examples include command-line snippets, config blocks, and troubleshooting fixes you can apply immediately.
When to use it
- Access a remote database through a firewall using a local port forward
- Expose a local development server to a remote machine with a remote forward
- Route browser or CLI traffic through a remote SOCKS proxy (dynamic forward)
- Connect to internal hosts through bastion/jump servers
- Transfer files securely or sync directories with scp/rsync
- Diagnose and fix SSH authentication, connectivity, and permission issues
Best practices
- Store reusable options in ~/.ssh/config and use named hosts rather than long commands
- Prefer Ed25519 keys for new keys; use passphrases or agent lifetimes for automation
- Enable ControlMaster/ControlPersist to multiplex and speed repeated connections
- Use ProxyJump instead of agent forwarding when possible for safer delegation
- Use rsync over SSH for directory syncs and big transfers; use --partial/--progress for resumable copies
- Keep strict permissions on ~/.ssh and keys to avoid authentication issues
Example use cases
- ssh -L 5432:localhost:5432 user@remote to query a remote PostgreSQL locally
- ssh -R 8080:localhost:3000 user@remote to expose a local dev server to a remote host
- ssh -D 1080 user@remote to create a local SOCKS5 proxy and route browser traffic
- ssh -J bastion user@internal to reach internal servers through a bastion host
- rsync -avz -e "ssh -i ~/.ssh/deploy_key" ./build/ user@remote:/var/www/ to deploy artifacts
- Use ControlMaster sockets to speed up repeated scp/rsync operations to the same host
FAQ
Use ssh -fN with -L/-R/-D to background after authentication. Alternatively configure ControlPersist to keep a master connection alive.
What fixes a Permission denied (publickey) error?
Check file permissions on ~/.ssh and authorized_keys, ensure the correct key is offered (ssh -G or ssh -o IdentitiesOnly=yes -i <key>), and inspect server auth logs for details.