When dealing with a lot of servers where you need to ssh to different servers and especially if they require different authentication from different private ssh keys, it kinda gets annoying specifying the private key you need, when you want to SSH to them.
SSH Config
SSH Config: ~/.ssh/config
is powerful!
In this config file, you can specify the remote host, the key, user and the alias, so that when you want to SSH to it, you dont have to use the fully qualified domain name or IP address.
Let’s take for example our server-a with the following details:
- FQDN: host1.eu.compute.domain.coom
- User: james
- PrivateKeyFile: /path/to/key.pem
- Disable Strict Host Checking
So to access that host, you would use the following command (without ssh config):
1
|
|
Now with SSH Config, open up the config file:
1
|
|
and declare the host details:
1 2 3 4 5 6 |
|
Now, if we need to SSH to it, we can do it as simply as:
1
|
|
as it will pull in the configs from the config that is described from the host alias that you calling from the argument of the ssh binary.
SSH Timeout
Appending to our SSH Config, we can configure either our client or server to prevent SSH Timeouts due to inactivity.
- SSH Timeout on our Client:
1
|
|
Here we can set how often a NULL Packet is sent to the SSH Connections to keep the connection alive, in this case every 120 seconds:
1
|
|
- SSH Timeout on the Servers:
1
|
|
Below we have 2 properties, the interval of how often to instruct the client connected to send a NULL packet to keep the connection alive and the max number of intervals, so for a idle connection to timeout in 24 hours, we will take 86400 seconds which is 24 hours, divide into 120 second intervals, which gives as 720 intervals.
So the config will look like this:
1 2 |
|
The restart the sshd service:
1
|
|
SSH Agent
Another handy tool is ssh-agent
, if you have password encryption on your key, everytime you need to ssh, a password will be prompted. A way to get around this is to use the ssh-agent.
We also want to set a TTL to the ssh-agent, as we don’t want it to run forever (unless you want it to). In this case I will let the ssh-agent exit after 2 hours. It will also only run in the shell session from where you execute it. Lets start up our ssh-agent:
1 2 |
|
Now add the private key to the ssh-agent. If your private key is password protected, it will prompt you for the password and after successful verification the key will be added:
1 2 |
|
Multiple Github Accounts:
Here is a great post on how to work with different GitHub Accounts: - https://gist.github.com/jexchan/2351996