SSH Login

Starts a connection using the SSH protocol to a remote server.

Command availability: IBM RPA SaaS and IBM RPA on premises


Starts a connection using the SSH protocol to a remote server according to configuration instructions such as server, user, password, and authentication keys.

Script syntax

IBM RPA's proprietary script language has a syntax similar to other programming languages. The script syntax defines the command's syntax in the script file. You can work with this syntax in IBM RPA Studio's Script mode.

startSSH --host(String) --username(String) [--password(String)] [--port(Numeric)] --keygen(String) [--passphrase(String)] [--timeout(TimeSpan)] (SSHSession)=value

Input parameters

The following table displays the list of input parameters available in this command. In the table, you can see the parameter name when working in IBM RPA Studio's Script mode and its Designer mode equivalent label.

Designer mode label Script mode name Required Accepted variable types Description
Server host Required Text SSH server host address.
User Name username Required Text Username for server access.
Password password Optional Text Password for server access.
Port port Optional Number Port number to connect to SSH server host address.
Note:If no port is entered, the default port(22) is used.
Private Key keygen Required only when the pass-phrase is specified Text File containing the private key pairs (authentication keys) for authentication to the SSH server.

Important: See the commands Limitations.
Pass-Phrase passphrase Optional Text Passphrase that is associated with the private key file specified in the Private Key parameter.
Timeout timeout Optional Time Span, Number, Text Maximum wait time to run the command.

Note:If no value is defined for the Timeout parameter, the runtime uses the context timeout defined by the Set Timeout (setTimeout) command. If the command is not used, the default timeout is 5 seconds.

Output parameters

Designer mode label Script mode name Accepted variable types Description
SSH Connection value SSH Session Returns the connection established with the SSH server.


The SSH Login command initiates a connection to an SSH server using name, password, and file with the private keys, and then tunneling with the destination server, sending the command "ls" to get the file list from current directory of the destination server.

defVar --name sshConnection --type SSHSession
defVar --name sshTunnel --type SSHForwardedPort
defVar --name filesList --type String
// Initiate the connection to an SSH server.
startSSH --host "" --username "User Name" --password password --port 22 --keygen "Private Key File" --passphrase "Pass Phrase" --timeout 00:00:05 sshConnection=value
// Create tunneling with the destination server.
openSSHTunnel --client ${sshConnection} --port 80 --boundport 8090 --destination "Local" --host "" sshTunnel=value
// Sending the "ls" command to the SSH server for a list of file names from the current directory of the destination server.
executeSSH --client ${sshConnection} --command ls --timeout 00:00:05 filesList=value
// Connection to an SSH server to send commands to it is demonstrated.
//All host, port, and connection data is for example only, with both client services and SSH server installed.
// The user must enter valid data for a valid SSH connection!


This command does not support all private key formats and encryption algorithms, using a different type might lead to errors when running the command.

The following private keys are supported:

  • RSA in OpenSSL PEM and format
  • DSA in OpenSSL PEM and format
  • ECDSA 256/384/521 in OpenSSL PEM format
  • ED25519 in OpenSSH key format

The following encryption algorithms are supported:

  • ES-128-CBC
  • AES-192-CBC
  • AES-256-CBC