SSH Secret Menu

Original Article ↗ Hacker News Discussion ↗

SSH “Secret Menu” / Escape Sequences

  • Main topic: SSH’s escape sequences (e.g., <Enter>~. to kill a stuck session) are described as a “secret menu.”
  • Many long-time SSH users admit they never knew about these sequences, or only knew ~..
  • Several say ~. has been muscle memory for decades and is very useful for hung connections, better than killing the terminal.
  • Some compare it to telnet’s Ctrl+], and note the UI is well designed: ~ must be the first character after a newline, so it rarely triggers accidentally.

Not Really Secret: Documentation & Discoverability

  • Multiple comments insist these are not hidden; they are documented in man ssh under “escape characters” and have been known for years.
  • Others argue this still feels “secret” because most people don’t read man pages deeply; they skim for one flag and leave.
  • Some criticize the ssh man page as “lazy” or “uninformative” and prefer blogs, examples, or tools like tldr or LLMs.
  • There is joking about “RTFM,” “LMGTFY,” and now “ask the LLM,” plus tips like man ssh_config, man -k, apropos, PDF rendering, and custom pagers.

Advanced SSH Features: ProxyCommand, ProxyJump, ControlMaster

  • ProxyCommand is highlighted as powerful: can run SSH over arbitrary transports (serial, Bluetooth, vsock), or integrate with Cloudflare tunnels and password/credential scripts.
  • ProxyJump is described as a convenient, newer shorthand for common SSH-over-SSH hops but less flexible.
  • ControlMaster multiplexing is recommended to reuse an existing connection for instant new sessions and dynamic tunneling (~C), with a suggested config block.

Connection Reliability & Keepalives

  • Hung sessions are often blamed on aggressive timeouts in carrier-grade NAT or stateful middleboxes.
  • One detailed comment proposes tuning TCP keepalive sysctls to keep SSH sessions alive across such networks; others mention SSH ServerAliveInterval, VPNs, Mosh, and Tailscale.
  • There’s debate over how IPv6 and temporary addresses interact with SSH, including a Linux-specific patch and concerns about privacy vs practicality.

Escape Behavior & Shell/Terminal Quirks

  • Several clarify that escape sequences are interpreted by the local SSH client, independent of remote shell mode.
  • Conflicting reports: on some setups, <Enter>~. works at the prompt; on others (e.g., certain shells like fish), it seems to require cat or extra configuration (EnableEscapeCommandline).
  • Discussion touches on how backspace is transmitted, why ~ must be first after newline, and how that explains observed behavior.