You can create different hosts on your ssh config (~/.ssh/config) in order to prevent typing username and password all time and speedup working with remote servers.

A sample host on ssh config:

Host your_server_name
      HostName 192.168.12.182
          User my_user_name_on_remote_server
          Port 22
          IdentityFile ~/.ssh/id_rsa

Now save the config file and exit. You can now ssh to server as below:

ssh your_server_name

INSTEAD OF USING:

ssh my_user_name_on_remote_server@192.168.12.182

#linux #sysadmin #ssh

Setup a proxy server by using SwitchyOmega chrome addon. Download and install it from chrome store and setup the credential as picture. Use ssh -D 5300 USERNAME@YOUR_SERVER_IP to proxy your browser traffic (server should be located in Europe or America).

#proxy #switchy_omega #ssh #tunnel #socks

How do I remove the passphrase for the SSH key without having to create a new key?

I set a passphrase when creating a new SSH key on my laptop. But, as I realise now, this is quite painful when you are trying to commit (Git and SVN) to a remote location over SSH many times in an hour.

$ ssh-keygen -p
 Enter file in which the key is (/Users/my_username/.ssh/id_rsa):
 Enter old passphrase:
 Enter new passphrase (empty for no passphrase):
 Enter same passphrase again:
 Your identification has been saved with the new passphrase.

This will then prompt you to enter the keyfile location, the old passphrase, and the new passphrase (`which can be left blank to have no passphrase`).

If you would like to do it all on one line without prompts do:

$ ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]

NOTE: Beware that when executing commands they will typically be logged in your ~/.bash_history file (or similar) in plain text including all arguments provided (i.e. the passphrases in this case). It is therefore is recommended that you use the first option unless you have a specific reason to do otherwise.

You might want to consider using ssh-agent, which can cache the passphrase for a time. The latest versions of gpg-agent also support the protocol that is used by ssh-agent.

#id_rsa #ssh #passphrase #keygen #linux #osx #remove_passphrase

wget and ssh session termination

If you SSH into your server and issue wget command to get file for instance, then your SSH disconnects your wget will continue its job in background. Some one might say why should it continues and how could it be when connectin of my terminal went away!?


This is from src/main.c of the wget sources (version 1.19.2):

/* Hangup signal handler.  When wget receives SIGHUP or SIGUSR1, it
    will proceed operation as usual, trying to write into a log file.
    If that is impossible, the output will be turned off.  */

A bit further down, the signal handler is installed:

/* Setup the signal handler to redirect output when hangup is
      received.  */
   if (signal(SIGHUP, SIG_IGN) != SIG_IGN)
     signal(SIGHUP, redirect_output_signal);

So it looks like wget is not ignoring the HUP signal, but it chooses to continue processing with its output redirected to the log file.


Source code of wget main.c: http://bzr.savannah.gnu.org/lh/wget/trunk/annotate/head:/src/main.c

#linux #ssh #wget #SIGHUP #SIG_IGN #SIGUSR1

Access an application on remote machine without having access to the port from your browser. Sometimes when there is firewalls that block all ports to the outside world or any other reasons, you can to port forwarding from remote machine to local machine in order to be abke to see the application UI. For solving this problem you can use ssh for port forwarding:

ssh -L 5601:localhost:8085 YOUR_HOST

This allows anyone on the remote server to connect to TCP port 5601 on the remote server. The connection will then be tunneled back to the client host, and the client then makes a TCP connection to port 8085 on localhost. Any other host name or IP address could be used instead of localhost to specify the host to connect to.

Now if you head over to your browser you can enter URL localhost:8085 to see the remote application.

#linux #ssh #port_forwarding #forwarding #remote_forwarding

Do you think SSH sucks? Do you think SSH suck specially when you are from an unstable network like what we have in IRAN and when DPI (Deep Packet Inspection) is undergo? OK, I have mosh for you. mosh stands for Mobile Shell. It reconnects itself and you never have to login again. Even if you change your internet connection you are safe and your shell is open :)

Its security is like shell, as it uses shell authentication mechanism for login. You need to open UDP ports 60000 to 61000. Or you can give -p parameter to connect on a specific port:

mosh -p 60010 admin@my_server.com

One of the caveats of mosh is that you cannot scroll to previous commands as its buffer is limited to the window you are viewing itself.

Install it using apt-get install mosh.

For further instruction head over to link below:

https://mosh.org/

#ssh #mosh #terminal

How to SSH login without password?

You want to use Linux and OpenSSH to automate your tasks. Therefore you need an automatic login from host A / user a to Host B / user b. You don't want to enter any passwords, because you want to call ssh from a within a shell script.

How to do it?
First log in on A as user a and generate a pair of authentication keys. Do not enter a passphrase:

a@A:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa):
Created directory '/home/a/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again: 
Your identification has been saved in /home/a/.ssh/id_rsa.
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 a@A

Now use ssh to create a directory ~/.ssh as user b on B. (The directory may already exist, which is fine):

a@A:~> ssh b@B mkdir -p .ssh
b@B's password:

Finally append a's new public key to b@B:.ssh/authorized_keys and enter b's password one last time:

a@A:~> cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
b@B's password:

From now on you can log into B as b from A as a without password:

a@A:~> ssh b@B

#linux #sysadmin #ssh #password_less #ssh_login

You can login to a server without entering a password by a simple command as below:

ssh-copy-id USERNAME@YOUR_HOST_IP -p 22

By issuing the above command it puts your public key content on server ~/.ssh/authorized_keys and prompts you to enter the password. You are all done by this.

#linux #sysadmin #ssh #passwordless_login #ssh_copy_id #authorized_keys #public_key

https://stackoverflow.com/questions/13032409/ssh-remote-variable-assignment

#linux #sysadmin #ssh #local_variable #variable_expansion #bashrc #export