I see lots of seasoned admins and cloud provider wrapper scripts use ssh client command as follows in shell:
ssh nixcraft@server1.cyberciti.biz --
What the double “--” (double dash) does here? Why it is used in this shell command and why not just use the ssh nixcraft@server1.cyberciti.biz syntax? What is the meaning of the -- in there?
This quick tutorial explains the use of the double-dash in shell and ssh commands. But, first, let us see what it does and when you might need it.
| Tutorial details | |
|---|---|
| Difficulty level | Easy |
| Root privileges | No |
| Requirements | Linux/Unix/macOS shell |
use gcutil ssh vmNameHere python wrapper. It will display and execute ssh as follows:ssh -o UserKnownHostsFile=/dev/null This syntax ensures that you can run commands on the remote server without ssh parsing them: ssh nixcraft@server1.cyberciti.biz -- command1 --arg1 --arg2The above syntax tell ssh not try to parse --arg1 and --arg2 after -- command line options. This ensures that command1 will accept --arg1 and --arg2 (or -opt1) as command-line arguments. What does a double-Dash in shell commands mean?In other words, a -- (double-dash) in a shell command indicates the end of options and incapacitates further option processing for the Unix or Linux command. ## safe examples ## ssh nixcraft@server1.cyberciti.biz -- --commandName --arg1 --arg2 This kind of behavior is mostly defined and handled by the ssh command and not by your bash/ksh/csh/sh/fish or any other Unix shell. This is also true for many other Linux and macOS commands. When is it needed?So now you know more about double-dash, and specific Unix commands only support it. Sadly, not all Linux commands support the double-dash syntax and feature. So when is it needed? For example you can not create or view a file named --file or -f using cat command, run: ## This should fail ## cat --file cat -f Instead try passing double dash “--” to instruct cat command not to try to parse what comes after command line options: ## This should work ## cat -- --file cat -- -f Let us try to remove a file named ‘--file‘: rm --file # fail # rm -- '--file' # works You can pass options to the rm command as follows: rm -v -i -- '--file' rm -f -v -i -- '--f' 
What does “--” (double-dash) mean under Linux, macOS or Unix-like OS? Shell script exampleWe can use the lxc command command as follows to update the Linux container powered by LXD as follows: lxc exec bash-wiki -- apt update lxc exec bash-wiki -- apt -y upgrade lxc exec nginx-proxy --env DEBIAN_FRONTEND=noninteractive -- sh -c "/usr/bin/apt-get update && /usr/bin/apt-get -y upgrade" Not all commands support -- syntaxA word of caution, not all commands support -- syntax, and it will not work with all Unix or Linux commands. For instance: /usr/bin/echo -- -n echo -- --test From bash documentation:
ConclusionWe explained what the double-dash (--) do in shell commands or commands executed using ssh. The first -- command-line argument that is not an option-argument should be accepted as a delimiter indicating the end of options. Any following arguments should be treated as operands, even if they begin with the ‘-‘ or ‘--‘ character. It is a safety feature, but we also know that not all Linux/Unix commands support such options. You may also want to read the following tutorial useful: Make sure you read bash man page by tying the following man command or help command for internal commands: ADVERTISEMENT 
| |