ssh

SSH: save time with host shortcuts

If you work with SSH a lot from the command line then repeatedly typing in full hostnames can be cumbersome and tiring. In this quick post I'll show you how to set up hostname shortcuts to save you time on the command line.

Let's assume you log in to a host with the painstakingly long luke-skywalker@deathstar.com. Add the following to your ~/.ssh/config (you may have to create it first); HostName takes only the host part, and the login name goes in User:
  Host luke
    HostName deathstar.com
    User luke-skywalker

Now the next time you want to connect all you have to type is:
  $ ssh luke

This hostname expansion works for all commands in the ssh family, including sftp and scp. It also works for programs that use ssh to connect remotely, including rsync, cvs and subversion.

SSH: login without a password

WARNING: logging in without a password is highly convenient, but anybody with access to a workstation that has this enabled can log in to your server, so make sure your workstation is adequately secured!

First, on the client side, create the private and public keys:

  $ ssh-keygen -f $HOME/.ssh/id_rsa -N "" -t rsa

This creates two files: id_rsa and id_rsa.pub in $HOME/.ssh. The file id_rsa is the private key, and the file id_rsa.pub is the public key.

Note that the -N "" option tells ssh-keygen to create the key with an empty passphrase, and the -t option specifies the key type as "rsa".

And second, upload the public key file (id_rsa.pub) to the server and append it to the authorised keys file:
  $ cat $HOME/.ssh/id_rsa.pub | ssh you@server 'cat - >> ~/.ssh/authorized_keys'

If you get an error message then please make sure the ~/.ssh directory exists on your server.
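
The append step above, written as a server-side helper that also covers the missing ~/.ssh case. This is an added example, not code from the original post; the function name install_key and the sample key in the comments are assumptions.

```shell
#!/bin/sh
# Added example: install_key is a hypothetical helper, not part of OpenSSH.
# Reads ONE public key line on stdin and appends it to <ssh_dir>/authorized_keys.
# Runs in a subshell "( ... )" so the umask change does not leak to the caller.
install_key() (
    ssh_dir=$1
    auth="$ssh_dir/authorized_keys"
    key=$(cat)          # e.g. the contents of id_rsa.pub
    nl='
'
    # Refuse a private key sent by mistake (id_rsa instead of id_rsa.pub).
    case $key in
        *"PRIVATE KEY"*) echo "refusing: this is a private key" >&2; exit 2 ;;
        *"$nl"*)         echo "refusing: expected a single line" >&2; exit 2 ;;
    esac
    # A key file as written by ssh-keygen starts with the key type.
    case $key in
        ssh-*\ *|ecdsa-*\ *|sk-*\ *) ;;
        *) echo "refusing: not a public key line" >&2; exit 2 ;;
    esac

    # Create the directory and file if missing, readable by the owner only.
    umask 077
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || exit 1
    touch "$auth" && chmod 600 "$auth" || exit 1

    # Idempotent: do not append a key that is already listed.
    if grep -qxF -- "$key" "$auth"; then
        exit 0
    fi
    printf '%s\n' "$key" >> "$auth"
)

# From a bash client, the function can be shipped to the server in one command:
#   ssh you@server "$(declare -f install_key); install_key \$HOME/.ssh" < $HOME/.ssh/id_rsa.pub
```

Where it is installed, OpenSSH's ssh-copy-id performs the same upload.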

SSH port forwarding made easy

To forward a port on your local machine to that of a remote machine:
  $ ssh -f -N -L [local port]:[remote host]:[remote port] [forward host]

This forwards traffic destined for [local port] on the local host to [remote port] at [remote host] via [forward host].

For example, if you are behind a firewall that blocks the CVSup port (5999) you can circumvent the firewall with:
  $ ssh -f -N -L 5999:cvsup.at.freebsd.org:5999 tunnel.example.org

This forwards traffic destined for port 5999 on the localhost to port 5999 at cvsup.at.freebsd.org via tunnel.example.org.

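Another, probably more common, example is when you want to tunnel your mail over an encrypted channel. For POP3 the tunnel command is:
  $ ssh -f -N -L 110:mail.somewhere.com:110 mail.somewhere.com

For IMAP replace 110 with 143.

The above tunnel assumes that you have an account on mail.somewhere.com and that SSH access to it is not blocked by your firewall. The forward host has to be the mail server itself: only the leg between your machine and the forward host is encrypted, so with any other forward host the mail traffic would leave that host unencrypted.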