User Tools

Site Tools


it_tips:ssh

This is an old revision of the document!


Better SSH experience

This page contains some suggestions on how to improve your SSH experience.

Speedup connection with the ssh config file

One can speedup logging in by configuring her/his own ssh client. This will also help in scp-ing data to the cluster.

The configuration example below shows how you can access a machine through another machine with a single ssh command. The scenario is as follows:

 User  --->  machine hostA.matfys.lth.se  ---->  machine hostB.matfys.lth.se ----> machine hostC.matfys.lth.se

And you want to use one single command to login to B or C.

# access hostA.matfys.lth.se
Host hostA
HostName hostA.matfys.lth.se
User <username on hostA.matfys.lth.se>
ForwardX11 yes
 
# directly access hostB.matfys.lth.se
Host hostB
User <Username on hostA.matfys.lth.se>
ForwardX11 yes
# Use this command if A uses Openssh server version < 5.4.
# It requires the program netcat (nc) to be installed on the
# hostA.matfys.lth.se machine.
ProxyCommand ssh -q hostA.matfys.lth.se nc hostB.matfys.lth.se 22
 
# directly access hostC.matfys.lth.se
Host hostC
User <Username on hostC.matfys.lth.se>
ForwardX11 yes
# Use this command if hostB.matfys.lth.se uses Openssh server version >= 5.4,
# that has native support for tunnelling ssh connections.
ProxyCommand ssh -q hostB.matfys.lth.se -W hostC.matfys.lth.se:22

Example: My user is florido. In the template above, I would change all the <Username …> to florido.

then to login to hostB.matfys.lth.se I will do:

ssh hostB

And I will have to input 2 passwords: one for hostA.matfys.lth.se, one for hostB.matfys.lth.se.

In general you will have to input as many passwords as the number of hops. To overcome this problem, use a private/public ssh keypair technique described below.

Reduce passwords using a private/public ssh key pair

work in progress. If you plan to use this, read the following:

:!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!:

DO NOT USE PASSWORDLESS KEYS. THESE ARE A SECURITY THREAT FOR THE WHOLE CLUSTER!

:!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!::!:

This tutorial is nice:

https://wiki.archlinux.org/index.php/SSH_Keys

it_tips/ssh.1411371609.txt.gz · Last modified: 2014/09/22 07:40 by florido