This is an old revision of the document!
This page contains some suggestions on how to improve your SSH experience.
You user own configuration file is located in your home folder at the path
~/.ssh/config
In some cases this file does not exist, you can create it for example by issuing
touch ~/.ssh/config
This file is very useful to create ssh shortcuts to servers and add specific options for each server. In what follows I show some examples of how this can be used.
One can speedup logging in by configuring her/his own ssh client. This will also help in scp-ing data to the cluster.
The configuration example below shows how you can access a machine through another machine with a single ssh command. The scenario is as follows:
User ---> machine hostA.matfys.lth.se ----> machine hostB.matfys.lth.se ----> machine hostC.matfys.lth.se
And you want to use one single command to login to B or C.
# access hostA.matfys.lth.se Host hostA HostName hostA.matfys.lth.se User <username on hostA.matfys.lth.se> ForwardX11 yes # this is equivalent to ssh -X hostA.matfys.lth.se # directly access hostB.matfys.lth.se Host hostB User <Username on hostA.matfys.lth.se> ForwardX11 yes # Use this command if A uses Openssh server version < 5.4. # It requires the program netcat (nc) to be installed on the # hostA.matfys.lth.se machine. ProxyCommand ssh -q hostA.matfys.lth.se nc hostB.matfys.lth.se 22 # directly access hostC.matfys.lth.se Host hostC User <Username on hostC.matfys.lth.se> ForwardX11 yes # Use this command if hostB.matfys.lth.se uses Openssh server version >= 5.4, # that has native support for tunnelling ssh connections. ProxyCommand ssh -q hostB.matfys.lth.se -W hostC.matfys.lth.se:22
Example: My user is florido. In the template above, I would change all the <Username …> to florido.
then to login to hostB.matfys.lth.se
I will do:
ssh hostB
And I will have to input 2 passwords: one for hostA.matfys.lth.se
, one for hostB.matfys.lth.se
.
In general you will have to input as many passwords as the number of hops. To overcome this problem, use a private/public ssh keypair technique described below.
work in progress. If you plan to use this, read the following:
DO NOT USE PASSWORDLESS KEYS. THESE ARE A SECURITY THREAT FOR THE EVERYONE USING SERVERS!!! |
This tutorial is nice: