In the man page of ssh, it says:
-N Do not execute a remote command. This is useful for just forwarding ports.
I don't understand what it means by "Do not execute a remote command."
Can someone explain it to me?
Normally, the ssh
program runs a command on a remote system (using the remote user's shell). For example, ssh user@server ls -l /tmp
lists the content of the /tmp directory on server
. When you leave the command out, as in ssh user@server
, an interactive login session with the user's shell is launched.
One of the features of OpenSSH is the creation of tunnels. The -D
, -L
and -R
options use various techniques that allow the forwarding of network ports, also known as tunneling. By default, a tunnel created with ssh
exists as long as the command executed by ssh
runs on the remote server.
Often though, you are not interested in running a remote command; all you want is the tunnel. This is what the -N
option is for.
ping localhost
as the remote command; this generates enough activity for the session to stay open.
Commented
Feb 25, 2021 at 8:41
Usually, ssh
will give you a remote shell by executing what is set up as your remote users login shell (e.g. /bin/bash
). -N
will prevent running anything, which is useful when you just want to use ssh
to establish a connection and you don't need a remote shell.
e.g. forwarding ports or creating tunnels:
ssh -N -L 8080:127.0.0.1:80 user@server
And this is not only useful for forwarding ports.
E.g.: I use it in combination with -f
and ControlMaster
and ControlPath
options (e.g. set up in .ssh/config), it can be used to create reusable connections.
ssh -fN user@server # creates connection in the background that can be reused.