SSH Advanced Usage Guide

This document explains advanced SSH usage for remote server access: session persistence, file transfer tips, security recommendations, and troubleshooting.

Session persistence (tmux / screen)

Why use it? If your network drops or you close your laptop, processes running in your SSH session will stop. Using tmux or screen keeps them running on the server so you can reconnect and resume.

tmux — quick start

On the server, start a tmux session:

tmux new -s my-work

Detach (leave) the session while keeping processes running:

Ctrl+b then d

Reattach after reconnecting:

tmux attach -t my-work

screen — quick start

screen -S my-work
# reattach
screen -r my-work

File transfer

The StreamGPU servers support file transfer over SFTP. See the SFTP File Transfer Guide for OS-specific and GUI examples.

Port forwarding (local / remote)

Why use it? Port forwarding lets you access a service running on the server (for example, a web app or Jupyter Notebook) from your local browser by creating an SSH tunnel.

Local port forwarding (-L)

Forward a server port to your local machine:

ssh -L 8080:localhost:80 -i ~/.ssh/streamgpu/key.pem awesome@server.example.com -p <port>

Then open http://localhost:8080 in your browser to view the remote service.

ssh -L 8888:localhost:8888 -i ~/.ssh/streamgpu/key.pem awesome@server.example.com -p <port>

Remote port forwarding (-R)

Forward a local port so the server can access a service on your machine. Use with caution.

ssh -R 2222:localhost:22 -i ~/.ssh/streamgpu/key.pem awesome@server.example.com -p <port>

Run jobs in the background

If you want a long-running job to continue after disconnecting, use nohup or run it inside tmux.

# run and save stdout/stderr to a log file
nohup python my_script.py > my_log.txt 2>&1 &

# check jobs
jobs -l
# or find process
ps aux | grep my_script.py

Security recommendations

• Disable direct root login
• Prefer public key authentication (consider disabling password auth)
• Block unnecessary ports with a firewall

Disable password authentication

Edit /etc/ssh/sshd_config and add:

PasswordAuthentication no
PubkeyAuthentication yes

Restart the SSH service (commands vary by distro):

# Ubuntu / Debian
sudo systemctl restart ssh
# CentOS / RHEL / Fedora
sudo systemctl restart sshd
# or older systems
sudo service ssh restart

Disable root login

PermitRootLogin no

Restrict access by IP

sudo ufw allow from <allowed_IP> to any port <SSH_port>

Check the connection log

You can check who connected to your server and when:

last -a

Check currently connected users:

w

Troubleshooting

• "Connection refused"
  Ensure the SSH service is running and the port is correct.
• "Too many authentication failures"
  The client may be trying many keys. Use:

  ssh -o IdentitiesOnly=yes -i ~/.ssh/streamgpu/key.pem awesome@server.example.com -p <port>

• Permission denied during file transfer
  Check remote directory write permissions.
• Windows: Bad permissions / unprotected private key file
  Restrict key permissions with PowerShell:

  icacls "$env:USERPROFILE\.ssh\streamgpu\key.pem" /inheritance:r /grant:r "$env:USERNAME:(R)"

• Windows: PuTTY "Server refused our key"
  Convert your .pem to .ppk with PuTTYgen and use that key.
• Port forwarding not working
  Check that the target port is open on the server and firewall rules permit the connection.