1. Multiple Connection Sharing
If you need to open a connection to the same server in more than one window, instead of typing the username, password, or waiting for the connection to be established each time, you can configure the SSH Connection Sharing option to open your SSH profile locally, usually in ~/.ssh/config, and then add the following 2 lines:
Now try disconnecting your connection to the server and creating a new connection, then open a new window and create a connection, and you'll find that the second connection is almost instantaneous.
Windows user
If you are a Windows user, unfortunately, the most popular open source SSH client Putty does not support this feature, but Windows also has a OPENSSH implementation, such as this copssh, if you think that some of the following techniques are helpful to you, perhaps you should try Copssh.
File transfer
Connection Sharing will not only help you share multiple SSH connections, if you need to transfer files through SFTP with the server, you will find that they are still using the same connection, and if you use Bash, you will find that you even SSH even supports tab to the server-side file for automatic completion, Shared connection options are also valid for tools that require SSH, such as rsync,git, and so on.
2. Long connection
If you find yourself having to connect to the same server countless times for each one, then the long connection option is for you:
Now every time you connect to the server via SSH, this connection will be maintained for 4 hours, even after you exit the server, the connection can be reused, so you will find that the connection is built at lightning speed the next time you log on to the server (within 4 hours). This option is especially noticeable when you copy multiple files through the SCP, because you are not required to have separate certifications for each file.
3. Don't enter the code again.
If you are still in the password way to login ssh, then you should probably try SSH keys, first use OpenSSH for their own claims a pair of keys:
Follow the instructions, after completion, you should be able to see two files in your. SSH directory, Id_rsa is your private key, and id_ras.pub is your public key, now you need to copy your public key to the server, if your system has ssh-copy-id command, the copy will be simple:
Otherwise, you will need to manually copy your private key to the ~/.ssh/authorized_keys file on the server:
Now try to reconnect to the SSH server, or copy the file, do not need to enter the password again?
Configuring SSH Key for Putty
Putty can also use SSH key to download Puttygen and pageant from the Putty Web site, and then use Puttygen to generate your keys and copy the public key to the server's '. Ssh/authorized_ Keys ' directory, and then run pageant, import your private key, let it run in the background, narrowed you can use the putty through the public key directly to the server, you can in the Putty Manual in the 8th, 9 chapters to learn about this feature detailed description.
4. Connection Relay
Sometimes you may need to connect to another server from one server, such as transferring data directly between two servers without having to go through the local computer:
(Incidentally, when you need to copy files between two servers, $PWD variables are useful), because even if you have added your local computer's public key to both servers, the SCP will still prompt you for the password by default: This is because the server you used as a springboard doesn't have your private key, so The second child server will reject your public key, but do not solve the problem by copying your private key to the staging server, you can use agent forwarding to solve the problem, just add the following line of code to your. Ssh/config file:
Or in the Putty "Allow agent Forwarding" option, now your local SSH becomes the first server SSH proxy, from the first server in the connection to other servers and as simple as in your local, note that if you want to open this option, The premise is that this intermediary server is worthy of your trust.
5. Omit Host name
It is tedious to enter the full hostname of the server to establish a new SSH connection, especially if you have a group of servers with the same domain name but different subdomains that need to be managed, such as the following:
Perhaps your network has been configured to use short domain names, such as an intranet, but if your network is not supported, you can actually handle the problem yourself without resorting to a network administrator.
The solution is slightly different depending on the operating system you use, and the following is the configuration of my Ubuntu system:
Then you need to restart the network: $ sudo restart Network-manager
Different systems, these two commands may be slightly different.
5. Host Alias
You can also define a host alias directly in your SSH configuration, as follows:
You can also use wildcard characters for grouping:
Host www* Mail
HostName%h.example.com
In putty you can save a separate session for each hostname and double-click to establish a connection (but it may not be able to support wildcards).
7. Omit User name
If your username on the remote server differs from your local username, you can also set it in the SSH configuration:
Now, even if my local username is smylers, I can still connect to my server like this:
SSH will use Simon's account to connect to your server, and putty can save this information in your session.
8. Jump between servers
Sometimes, you may not be able to connect directly to a server, and you need to use an intermediary server to relay, this process can also be automated. First make sure you have a public key access configured for the server and you have the agent forwarding enabled, and now you can connect to the target server with 2 commands without any prompt input:
Then, in your local SSH configuration, add the following configuration:
You can now connect directly to the target server with a single command:
Here you may need to wait a little longer, because SSH requires two certification, note that Netcat may also be written in NC or NCAT or in front of the need to add g, you need to check your intermediary server to determine the actual parameters.
9. Break through the network blockade
Sometimes, the network you use may only open 80 ports, or they block the SSH port (the default 22 port), in which case, you can configure the SSH server on the 80 or 443 ports to monitor to break through the blockade, only need to edit your server/etc/ssh/sshd_ Config file:
Then reboot the SSH server:
Of course, the premise is that your server does not use the HTTs service, but in fact you just need to set up a server using HTTPS port is enough, you but you can access this server, you can use the technology we mentioned earlier use it as a springboard to access other servers, but remember, You need to configure this server ahead of time (how about now?) So that if you're in a web-only network environment, you can dispense with the hassle of calling someone else to help you configure your intermediary server.
10. Cross Web Proxy
Sometimes, your network is more than blocking SSH ports, they may go further, only to allow you to access the network through the Web proxy, fortunately we have a program called Corkscrew can send SSH data through the Web proxy. The use of corkscrew is very simple, generally I am in need of search, and then directly download, follow the instructions on the site, and then it is done, generally you need such a configuration:
11. Remote GUI
Sometimes it can be very useful to access a remote server file through a local GUI program, such as editing a picture, or viewing a PDF file, or simply modifying the code with a Gvim editor, and I find that it is more useful than vim in the terminal. Because I can open a new window to edit the file by Gvimopens, and do something else with the current SSH window, do not do this, you need to first open an option called X forwarding in your SSH configuration:
This option requires the server configuration to work, the server also needs to open x forwarding, you can add the following command in the/etc/ssh/sshd_config of the server:
And you also need to make sure that Xauth is installed. Editors, picture viewers, and other graphical programs that you need to run, which are available only if you support local x server operations, Mac and Windows have free x server, and you may need to spend some time configuring them, By contrast, switching to Linux is relatively easy.
12. Local Operation remote Files
Another alternative that allows remote GUI programs to be displayed locally is to allow local GUI programs to manipulate remote files directly, you can do it through SSHFS, just create an empty directory, and then use SSHFS to mount a remote directory to this directory:
Now you can use any of your favorite local programs to facilitate the files in this directory, they appear to be in your local, but their real-time remote server files, you can use the Fusermount command to unmount these files, do not worry to remember, they are on the top of the SSHFS manual:
SSHFS can work on Linux and OS X, Windows users I haven't found a good way yet.
13. Access to remote files via vim
Vim has a built-in feature to edit remote files directly, requiring the help of the SCP URL:
This is obviously less flexible than SSHFS, but if you only need to edit 1, 2 files on a remote server, this command will be more flexible and you can do so on windows:
14. Connect to remote server using local app
Sometimes services, such as databases or Web servers, run on remote servers, but it is useful to connect them directly from local programs if they are useful, and to do this you need to use port forwarding (forwarding), for example, If your server is running Postgres (and only local access is allowed), then you can add in your SSH configuration:
Now, when you connect to your SSH server, it will open a 5433 port (I randomly picked) on your local computer and forward all data sent to this port to the server's 5432 port (Postgres's default port), and then, as soon as you establish a connection to the server, You will be able to access the server's Postgres via port 5433.
Now open another window and you can connect to your Postgres database locally by following this command:
This command can be especially useful if you want to use a graphical postgres client that is not supported by the server:
Or if you have a backend Web server that you don't want to access directly over the Internet, you can also access it via port forwarding:
Now connect to the server:
Then point the browser to your chosen port number:
15. Reduce delays
If each connection to the server means you have to wait a few 10 seconds to do nothing, you might want to try adding the following in your SSH configuration:
If this command is valid, you should notify your system administrator to let him disable this option on the server so that others do not have to add the configuration to their local configuration separately.
16. Speed up the connection
If you make sure that your connection to a server is secure (for example, through a corporate intranet), you can make the data transfer faster by selecting the Arcfourencryption algorithm:
Note that this acceleration is at the expense of the "encryption" of the data, so if you are connected to a server on the Web, do not open this option and make sure you are connected through a VPN.
Let's move now. Try these techniques to make your SSH more efficient!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
