Random Tech Thoughts

The title above is not random


  • I use public key authentication for ssh, but for some rare cases I need to force ssh to use password authentication:

    ssh -o PreferredAuthentications=keyboard-interactive,password ...
    ssh -o PubkeyAuthentication=no ...
  • ssh over web proxy:

    Host github
         User git
         Hostname ssh.github.com
         Port 443
         ProxyCommand corkscrew 808 %h %p

The followings are from Tips for Remote Unix Work (SSH, screen, and VNC).

  • Copying public key to other hosts. On systems with ssh-copy-id, just use that command:

    ssh-copy-id user@host

    On other systems:

    ssh user@example.com 'mkdir -p .ssh && cat >> .ssh/authorized_keys' < ~/.ssh/id_rsa.pub
  • SSH and pipes:

    • Send the files at ~/src/ to example.com:~/src/ without rsync or scp:

      cd && tar cz src | ssh example.com 'tar xz'
    • Copy the remote website at example.com:public_html/example.com to ~/backup/example.com

      mkdir -p ~/backup/
      cd !$
      ssh example.com 'cd public_html && tar cz example.com' | tar xzv

The followings are from this article SSH Can Do That?

  • Faster connection by using less secure “encryption”::

    Host dev
      Ciphers arcfour128

    NOTE: Do not make it default, specify it for particular host.

  • Connection sharing. Allows login to a remote server multiple times using a single connection. Edit .ssh/config::

    ControlMaster auto
    ControlPath /tmp/ssh_mux_%h_%p_%r

    This seems not working on cygwin’s ssh.

  • Persistent connections. Keep the connection after log out, also edit .ssh/config::

    ControlPersist 4h

Socks proxy and port forwarding

Refer to this blog article

  • Create a socks5 proxy server on local port 1080 using remote machine remote::

    ssh -f -N -D 1080 remote
    • -f go to background
    • -N do not execute command
  • Forward remote machine’s port 7777 to local port 22 (so remote machine can connect to 7777 to access local machine’s 22 port)::

    ssh -f -N -R 7777: remote
  • Forward local port 2222 to remote machine’s port 80 using a middle server::

    ssh -f -N -L 2222:remote:80 middle

    We can create a tunnel to forward local port to middle machine’s port, this way we create a secure tunnel in which all the communication are encrypted.

    In the above example, the communicaion from middle to remote machine’s 80 port are not encrypted. Only the communication from local machine to the middle machine are encrypted.