Also remember that if you are sshing to a box (call it A) and then ssh-ing from there to another box (call it B) and you want to close the connection to B then you need to use "~~." SSH on your local computer will see "~~" and will send a single "~" to A. A will see "~." and close the connection to B.
Basically, however deep you are you need to send that many ~s before the period.
Note that the "up arrow" referred to in the song is not the current up arrow on the cursor keypad. Some early versions of ASCII-ish had an up arrow where the caret is now. And telnet actually mostly used control-], not control-^ anyway. I seem to recall Steele saying that he used "up arrow" because it worked better in the lyrics. I heard Steele sing this once and I think I recorded it.
No, not exponential. The escape sequence is: <newline> then '~'. Anything after the '~' is special. In other words, only the first '~' appearing directly after a new line is special.
For example, <newline>~~~~ will send <newline>~~~ to the remote side.
You need to enter ~ after pressing return (or else you have a bad time editing command lines involving home directories), so in practice only the first ~ each SSH instance sees needs escaping.
It's convenient there (and probably not accidental!) that Unix usernames are usually lowercase, so if you want to run a command like
~otheruser/bin/cat
it won't conflict with an ssh escape sequence (although you won't see the ~ appear until you've typed ~o).
On the other hand,
~Randomuser/bin/cat
would be impossible to type immediately at a new command prompt over an ssh connection (though of course it's possible to run such a command by typing anything such as "x<Backspace>" first).
This is useful to know, especially if it works with agent forwarding. I default to agent forwarding off, but invariably forget to enable it the few times I need it.
I really don't like that this requires the first key to be Enter.
In the edge-case scenario of a glitchy link that appears frozen, it's entirely possible that my Enter keypress might actually make it through and then do something I don't want.
I've had mouse and keyboard input get through to seemingly-frozen VNC sessions, so...
Yep, as I wrote below another comment, I share the same sentiment. To mitigate the risk somewhat, I tend to press Ctrl-C a few times before hitting enter to initiate the escape sequence (there are some edge cases where you need more than one Ctrl-C to interrupt).
Still not satisfied about it, as there are plenty of situations where that doesn't help. Being in emacs, for example, it could make things worse...
My solution is to use a stateless in-application (where I expect to be) command to switch to a different window (In this case, the server chatter window) where pasting the line is an error since there's no command.
It usually works...
I agree that it would be nice if /any/ terminal escape sequence followed by ~ would initiate the escape.
Yeah. I can understand where they are coming from, at least with tilde as the escape character it would be highly inconvenient if it happened all the time, but I still a bit unhappy about having to press enter before being able to terminate a stuck session. That's usually not something I want to actually send, should the session not be as dead as I thought it was.
Are you sure? I never noticed that. As an experiment, I did this in an ssh session from macOS to OpenBSD:
stty raw; cat
... and while every key I tried now had its literal effect, including enter producing only a carriage return and Ctrl-C, Ctrl-V etc. producing their control characters (I think, I cannot see them :) ), <enter>~. still terminated the connection. Lucky terminal combination maybe?
Hmm, I just tried it with stty raw and you're right.
It has happened to me though. Maybe a curses crash can leave it a state other than raw? One of the other modes such as inlcr plus ..? Also I suspect smart terminals and shells prevent a interactive session from getting too crazy.
Others have mentioned that this is of course in the manual for OpenSSH. I recommend the Escape sequences section of the HP/UX manual for rlogin as useful reading, not least because it explains things that the OpenSSH manual does not, and actually answers questions brought up in discussion on this very page.
I learned this unexpectedly: I run ipmitool on a bastion host, and it uses similar sequences, like ~., to terminate a Serial over LAN session. I've had to remember to key ~~. so that the first tilde is able to get through to ipmitool.
Speaking of telnet, that protocol was actually much richer and had many more features than it would seem at a casual look.
I learned that when implementing a tiny part of the telnet protocol in a retro computer emulator's serial port emulation routines, mostly just to enable character mode and proper (non-)echoing. (I also implemented the RS232 control lines, so that telnet'ing into the port actually behaved like a physical terminal would with respect to carrier detect and all that, but I think there wasn't any overlap with the telnet protocol itself. Maybe flow control.)
Telnet also uses TCP's out of band data mechanism to send "urgent data" and a DATA MARK to interrupt and synchronize with runaway processes, and send important commands around flow control and before buffered data.
(Oh, Don Hopkins answering. I read you so often on TUHS!)
Didn’t know that, seems useful. Especially because another comment in this thread since mentioned that they often kill their ssh sessions because of runaway processes.
Overall, it seems to me that a lot was lost when giving up telnet.
I wrote a terminal emulator for the Apple ][ + Videx 80 column card in FORTH and reverse polish notation 6502 code, that supported SUPDUP including the line saving protocol that RMS hacked into ITS and EMACS (%TDSAV %TDRES), so Emacs could stash lines on the screen in a memory buffer (on the Apple's bank switched RAM card) and restore them later to paint the screen quickly when scrolling back and forth. (That was great at 300 baud!)
This is just the part of it that interprets SUPDUP codes -- layered on top of the rest of the terminal emulator that emulated H19 (VT52 + character/line insert/delete):
Marc Crispin (the author of the SUPDUP RFC #734, who was famous for his catchphrase "MM is not at fault!") also wrote another RFC #748 documenting the Telnet Randomly-Lose Option, which was useful for fuzzball testing.
IAC WILL RANDOMLY-LOSE
The sender of this command REQUESTS permission to, or confirms
that it will, randomly lose.
IAC WON'T RANDOMLY-LOSE
The sender of this command REFUSES to randomly lose.
IAC DO RANDOMLY-LOSE
The sender of this command REQUESTS that the receiver, or grants
the receiver permission to, randomly lose.
IAC DON'T RANDOMLY-LOSE
The command sender DEMANDS that the receiver not randomly lose.
On my keyboard layout tilde is a dead key that requires three keypresses, so the usual disconnection command with the appropriate precautions is usually something like this:
Esc Esc Esc Ctrl-U Ctrl-C Enter AltGr-] Space .
OpenSSH lets you map EscapeChar to something more convenient, but it doesn't allow multibyte characters.
If your keyboard layout had pile of poo where your tilde key currently is, you would not be joking. The problem is that even Latin-based international layouts have quite a few characters that don't fit in the ASCII range.
Do you never have to terminate a stuck session? <enter>~. to do so is practically muscle memory. The other sequences I cannot remember either, since their frequency of use is several orders less for me, but ~? is pretty intuitive to find out.
Not the OP but I generally don't need to use <enter>~. because I have my terminal multiplexed in tmux so will kill the tmux pane rather than OpenSSH session.
The main reason I prefer to kill via tmux rather than OpenSSH is because sometimes I'll be connected several sessions deep (eg via a Bastian / SSH jumpbox or tmux itself might be running remotely) so the tmux kill is easier than having to remember whether I need to ~. or ~~.
But ultimate there is no right nor wrong way to do things here, it's all just a question of preference and habit.
Typically I just wait for timeout, or open a new session (remote tmux session makes this quite painless). Plenty of other things to do, usually, waiting a couple minutes every week or three doesn't bug me enough to google.
I always wanted a serial transfer available from this escape so I could drop into sftp mode or kermit/xmodem/zmodem files over inside of the same session.
There are actually more things supported by ssh than are exposed here (clone and stuff) but just not implemented in openssh's ssh client.
I am sad to say how often I've used ~. to close an SSH session because I entered an `ls -latr` command on a really huge directory. Ctrl+Z, Ctrl+C, Ctrl+\ would not halt the output, and it was faster to just terminate the session and come back in than wait for the output to finish.
I spend quite some time in ssh sessions and have learned that "Enter~." terminates a connection when it gets unresponsive, but I never bothered to understand it. This actually explains it.
I checked, and it is indeed an OpenSSH feature. According to the release notes, it was added in v2.2.0, but you can actually tell just by the perverse choice of ~ as an escape character!
In many European keyboard layouts, including the Finnish layout used by original SSH's author, tilde (~) is a compose key and a chore to type. It is usually expressed by typing AltGr+¨ followed by Spacebar:
https://en.wikipedia.org/wiki/Tilde#Keyboards
English is one of the few keyboard layouts where a person can express ~ with one, rather than two, handstrokes. For others, terminating an SSH session with the escape character usually requires blindly typing this four-part sequence: Enter, AltGr+¨, Spacebar, Dot.
I know you can change the escape character with ssh_config(5), but no one who used a non-English layout would have ever chosen ~ as the default to start with. I've always felt like it had to be an OpenSSH-specific feature, because I knew the original author of SSH (before the open-source codebase became OpenSSH) used the same KB layout as myself. ;)
Which AFAIK uses a cygwin build of OpenSSH, the only non-cygwin builds are the main GUI, maybe some helper tools, and the X11 Server. The commandline is a cygwin busybox.
To be fair, who of us reads every manpage for every command that they use? (And I mean reading, not just skimming.)
I mean, it's a good practice to read manpages every now and then, just to learn new stuff (in the same way that there are always new vim commands to learn). But we encounter so many comands with so many options that knowing all of the options is just implausible.
Aside from the common dislike for AMP centralising everything on Google's servers, I also dislike AMP links for the same reason I dislike mobile links to sites when I'm using a desktop PC.
The AMP versions usually lose formatting and links, and are designed to be read on a small mobile screen. I'd rather have the full version when I have a big screen available.
Did you even click the link? It's not hosted on Google's server and it looks great. Much less clutter than the non-AMP version, and loads faster as well of course.
Normal website works fine without cookies and javascript. AMP version does not. It gives you a blank page. Thus, AMP is bad, since a simple HTML page like this one should never require javascript to just display the contents.
Wait I thought we were all annoyed that AMP was being served by Google (at google.com even). At least that was my beef, that and clicking the X took me back to Google instead of to the actual site.
Self hosted AMP is just a lightweight version of the site isn't it?
The AMP version requires a script from cdn.ampproject.org to display any content. I'm extremely annoyed by this new craziness where a 3rd-party script/xhr is required to display the content/images. This is more than just sloppiness on the development side, this risks user privacy as well.
You are right, but to be fair, I did migrate that website from Github so there are artifacts from the giant pile of mess that was my Jekyll config and I even wrote my own static generator (like the next webdev) to get rid of all the dependencies but this side-project never finished (I was experimenting with formatting/highlighting to inline gists as you can see in the last post but then I got bored).
I can't fight the spam bots myself so I have to hide my email behind that captcha for practical reasons (which is not a part of my site, it is a popup).
Other than that, there are nothing 3rd-party there. And everything loads pretty fast without any alien scripts (or any scripts at all for that matter).
It's interesting that people go out of their way to complain about their privacy being invaded by cameras, drones, the NSA snooping backbones, google, etc but most of us are fine with out browsers connecting to 61 different domains (CNN.com) to render a 3 paragraph news story.
The craziness is that more and more sites won't even render anymore without third-party javascript. Without bootstrap, jquery, fonts, etc, at least the page will still work, and it will work better because there's no bootstrap, jquery, fonts, etc.
Mind you, these are sites that can be served perfectly with a 1Kb HTML page + a bit of CSS. Not web apps or anything, where I understand you'd want to load a bunch of XHR requests.
Basically, however deep you are you need to send that many ~s before the period.