2012年3月24日 星期六

SSH multiplexing tricks

In my job I always have to make a lot of connections to the same servers. I used ssh key to authenticate so basically I don't have to type the password all the time but it is really a pain to wait for a new ssh connection to come up. There is some other situations that the server only accept password authentication but not the key authentication and it is really a pain to type the password on all new connections. In situation like this, we could use SSH multiplexing.

What make ssh multiplexing good is that it allow sharing of multiple sessions over a single network connection. Looking at the man page of ssh_config, here is the description.

ControlMaster

      Enables the sharing of multiple sessions over a single network connection.  When set to “yes” ssh will listen for connections on a control socket specified using the ControlPath argument.  Additional sessions can connect to this socket using the same ControlPath with ControlMaster set to “no” (the default). These sessions will try to reuse the master instance’s network connection rather than initiating new ones, but will fall back to connecting normally if the control socket does not exist, or is not listening.

Simply put, with multiplexing enabled, the first connection towards a server would be used as a control session. And then all new connections after that will be going through that control session (a local UNIX socket) which skips all the hassle (initializing connection negotiation, password / key exchange ... etc).

To turn on SSH mulitplexing,

Create the directory to hold the socket

$ mkdir -p ~/.ssh/multiplex
$ chmod 700 ~/.ssh/connections

And then add this to your ~/.ssh/config:

Host *
ControlMaster auto
ControlPath ~/.ssh/connections/%r@%h:%p


In here %r stand for the user name, %h stand for hostname while @p stand for the ssh port.

沒有留言:

張貼留言