User Tools

Site Tools


it_tips:ssh

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
it_tips:ssh [2017/05/03 14:55]
florido [Debugging problems]
it_tips:ssh [2023/10/09 14:27] (current)
florido
Line 12: Line 12:
  
 This file is very useful to create ssh shortcuts to servers and add specific options for each server. In what follows I show some examples of how this can be used. You can edit the file with any text editor of your choice, it's a simple text file. This file is very useful to create ssh shortcuts to servers and add specific options for each server. In what follows I show some examples of how this can be used. You can edit the file with any text editor of your choice, it's a simple text file.
 +
 +===== Prevent broken pipe when not using the client =====
 +
 +Sometimes you're connected to a server but you are not interacting with the ssh client because you have other things to do. In many cases the server will disconnect you if it doesn'​t see any activity (in jargon, you're //idle//)
 +
 +To prevent such disconnection add to your ''​~/​.ssh/​config''​ the following:
 +<code bash>
 +Host *
 +  ServerAliveInterval 30
 +</​code>​
 +
 +you may tweak that number to be less aggressive eventually. Typical intervals are 60, 90, 120.
 +
 +This should be done on the machine where you launch the ''​ssh''​ command, to keep that machine in contact with the server.
  
 ===== Speedup connection using tunneling ===== ===== Speedup connection using tunneling =====
Line 170: Line 184:
 -rw-r--r-- 1 pflorido hep  751 maj  3 13:59 /​nfs/​users/​floridop/​.ssh/​myid_rsa.pub -rw-r--r-- 1 pflorido hep  751 maj  3 13:59 /​nfs/​users/​floridop/​.ssh/​myid_rsa.pub
 </​code>​ </​code>​
-  - Copy the key to the target server, say watto: Command:<​code:​bash>​ssh-copy-id -i ~/​.ssh/​myid_rsa pflorido@watto.matfys.lth.se</​code>​Result:<​code:​bash>​+  - Copy the key to the target server, say watto: Command:<​code:​bash>​ssh-copy-id -i ~/​.ssh/​myid_rsa.pub pflorido@watto.matfys.lth.se</​code>​Result:<​code:​bash>​
 /​usr/​bin/​ssh-copy-id:​ INFO: attempting to log in with the new key(s), to filter out any that are already installed /​usr/​bin/​ssh-copy-id:​ INFO: attempting to log in with the new key(s), to filter out any that are already installed
 /​usr/​bin/​ssh-copy-id:​ INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys /​usr/​bin/​ssh-copy-id:​ INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Line 185: Line 199:
 </​code>​ </​code>​
   - Try to login to the server **using the identity created**: Command:<​code:​bash>​ssh -i ~/​.ssh/​myid_rsa.pub pflorido@watto.matfys.lth.se</​code>​   - Try to login to the server **using the identity created**: Command:<​code:​bash>​ssh -i ~/​.ssh/​myid_rsa.pub pflorido@watto.matfys.lth.se</​code>​
 +
 +For every entry in your config you will need to run ssh-copy-id if you want to use ssh keys on that entry. This will copy the key to the target machine (for example beast)
 +
 +You can now create entries in your ''​~/​.ssh/​config''​ file to use tunnelling as described in [[#Speedup connection using tunneling]],​ and the agent should automatically forward your keys.
 +
  
 ===== Debugging SSH problems and useful commands ===== ===== Debugging SSH problems and useful commands =====
Line 204: Line 223:
 <​code:​bash>​ps aux | grep ssh-agent</​code>​ <​code:​bash>​ps aux | grep ssh-agent</​code>​
  
 +==== Remove an offending key from known_hosts ====
 +
 +<​code:​bash>​ssh-keygen -R <​hostname></​code>​
 +
 +==== Remove an offending key from known_hosts ====
  
 +<​code:​bash>​ssh-keygen -R <​hostname or IP></​code>​
 ====== References ====== ====== References ======
  
   * Arch linux SSH PKI tutorial, https://​wiki.archlinux.org/​index.php/​SSH_Keys ​   * Arch linux SSH PKI tutorial, https://​wiki.archlinux.org/​index.php/​SSH_Keys ​
it_tips/ssh.1493823308.txt.gz ยท Last modified: 2017/05/03 14:55 by florido

Accessibility Statement