Home > Linux, Shell > Three tips making ssh connections easier

Three tips making ssh connections easier

When working with linux on a grid, we generally spend a lot of time starting ssh connections, entering password, opening again and again new terminal. In the following post we’ll see three small tips that made life much easier.

Using a ssh-key without passphrase

To avoid entering password, one can use ssh public/private keys. SSH allow to generate a pair of keys, one will remain on your computer the other (the public key) will be copied to the server where you want to login. Once the public key is added on this server, you should not be asked for password anymore. For illustration purpose, we will consider that your login is “you” and the ssh server on which you want to connect yourself is “remote.host”.

1 key generation
ssh-keygen -t rsa
  1. The normal place to store the key is ~/.ssh/ so just type enter to accept this default
  2. The trick is here, type enter to give an empty passphrase
  3. Hit enter a second time
2 Export the key on the remote server
ssh-copy-id  -i ~/.ssh/id_rsa.pub you@remote.host

You’ll be asked (normally) for the last time your password and then be disconnected

3 Test the connection

now just type :

ssh you@remote.host

And you’ll be automatically connected ! You’ll then only have to repeat the step two for each server on which you have an ssh access.

Note :

  • If you prefer to keep a passphrase (which is more secure, but less convenient) you can use ssh agent more details can be found here.
  • If you already have a passphrase (whether it’s empty or not) , you can change it with “ssh-keygen -f ~/.ssh/id_rsa.pub -p”

Create an alias for your connection

I basically have ssh account on more then 10 different servers, with for each some specificity (port number, X server availability etc.)
So to automate connection, I generally use alias. Alias is a simple command that will associate to a key word a command.

Hence, in order to connect to the server remote.host with Xforwarding enabled (-X) on port number 2222 (-p 2222) , one can type in a terminal

alias Remote="ssh -X you@remote.host -p 2222"

And then from now on, when typing Remote in the terminal you’ll be automatically connected to remote.host. The shell will execute the command associated to the key word Remote.

Alias is used interactively here, so the association will work as long as your terminal is not closed. In order to have this alias always set-up when starting a terminal,  you should add the previous alias command in either ~/.profile or ~/.bash_rc (This will depend on your configuration).

Screen

Screen is a very handy tool which allow to multiplex terminal…and much more. Suppose you are not allowed to use ssh key and must use a password every time you connect to ssh. If screen is available on the server, then you can connect only one time to it and then create several “screen” which are basically terminals.

So to connect to the ssh server and create a first screen named Term1, type:

ssh me@remote.host
screen -S Term1

You ‘ll see appear a new cleaned terminal. You can start to work and run as instance a very long process.
In order to let the process run and start a new terminal, you’ll have to detach your first terminal with “Ctrl+a d”, you ‘ll then go back to your login terminal.
From the latter, you ‘ll be able to start a second screen.

screen -S Term2

That you ‘ll can also detach and so on…

To list all the screens that have been created , from the login terminal type :

screen -ls

You ‘ll see something like :
There are screens on:
22712.Term2    (08/07/12 22:07:24)    (Detached)
22682.Term1    (08/07/12 22:06:47)    (Detached)
2 Sockets in /var/run/screen/S-you.

to reattach a screen (e.g. Term1), use the -r flag with either the pid or screen name.

screen -r Term1
screen -r 22712

This way you entered only one time your password, but you have several “terminal”. Furthermore, a great advantage of screen is that you can close your ssh connection without killing the screen, so you can let a long process run and reattach its screen terminal from time to time to control them.

Advertisements
Categories: Linux, Shell
  1. Jeremie
    December 10, 2012 at 2:34 pm

    Thanks for your articles.
    Maybe I can add two proposals to this post. First, instead to create an alias for your connection, you can use and adapt the SSH configuration files to make easier the connection to several server. Second, you can use a shell script to use the commands ssh-agent and ssh-add when the keys are protected by a passphrase. When you log to your terminal in on your client, you only need to enter the passphrase for each key. After you may log to the different servers in without enter the passphrase for each connection. If you log to the client’s terminal out, the daemon ssh-agent is killed and the security of the servers is still allowed (it is not possible if the keys have an empty passphrase).

    • December 10, 2012 at 3:29 pm

      Yes, configuration files are an even better way to proceed (in fact I do use them since the post was written…and I didn’t update as I found this blog post, which is not only very clear but also contains handfull informations (in the post and comments).

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: