User Tools

Site Tools


en:linux:networking

SSH tricks

How I use SSH hostname shortcuts

In ~/.ssh/config I added following lines

Host shortcut
User my_username
HostName real_host_name

And then I can simply log in via

ssh shortcut

How I use SSH without password

  1. At your computer, generate private and public key (without any pass phrase)
    ssh-keygen -t rsa

    Alternatively, one may use -t dsa option for DSA key type. For SSH1 protocol, use -t rsa1 (the public key file is called identity.pub in this case).

  2. Copy your private key to the remote computer
    ssh-add
    ssh-copy-id user@host
    # (roughly) equivalent to
    # cat .ssh/id_rsa.pub | ssh user@host 'cat >> .ssh/authorized_keys'
  3. Adjust permissions at host - make sure that
    • authorized_keys file has no more than 600
    • /home/user has no write permission for group and other
    • /home/user/.ssh is 700

(see a more detailed discussion)

Error: ssh_exchange_identification

Modify files /etc/host.allow and /etc/hosts.deny. Both files empty (defaults) allows connection of everyone.

Mounting remote file system with SSH

I'm using SSH FS and it works great. A very useful options are:

  • -o follow_symlinks
  • -o workaround=rename - this solves certain problems with CVS and SVN.
  • -o reconnect - to reconnect to the host if the SSH connection breaks down (like during hibernation etc.)

For other options run sshfs –help.

SSHFS via an intermediate server

There is a couple of solutions proposed here http://sourceforge.net/apps/mediawiki/fuse/index.php?title=SshfsFaq (question 25).

For mounting CERN machines, I saved these lines to ssh_cern

#!/bin/bash
ssh -q lxplus.cern.ch ssh -q "$@"

Then the mount is done by

sshfs -o ssh_command='ssh_cern' AMachineInCERN:RemotePath LocalMountPath

SSH and backspace

Does pressing backspace produce funny characters like ^H ? Try running

stty sane

How not to loose X11 forwarding in a short time

Put ForwardX11Trusted yes in your ~/.ssh/config file.

Enable X forwarding by default

Put this into your .ssh/config

Host *
ForwardX11 yes
ForwardAgent yes

Other networking topics

Kerberos configuration in CERN

I copied /etc/krb5.conf file from lxplus.

Directory listings by web server

If you want to enable directory listing for a certain directory, put .htaccess file into the directory. The file shall contain the following line

Options +Indexes
en/linux/networking.txt · Last modified: 2010/03/17 11:19 (external edit)