1. Multiple Connection Sharing
If you need to open a connection to the same server in more than one window, instead of typing the username, password, or waiting for the connection to be established each time, you can configure the SSH Connection Sharing option to open your SSH profile locally, usually in ~/.ssh/config, and then add the following 2 lines:
Copy Code code as follows:
Controlmaster Auto
Controlpath/tmp/ssh_mux_%h_%p_%r
Now try disconnecting your connection to the server and creating a new connection, then open a new window and create a connection, and you'll find that the second connection is almost instantaneous.
Windows user
If you are a Windows user, unfortunately, the most popular open source SSH client Putty does not support this feature, but Windows also has a OPENSSH implementation, such as this copssh, if you think that some of the following techniques are helpful to you, perhaps you should try Copssh.
File transfer
Connection Sharing will not only help you share multiple SSH connections, if you need to transfer files through SFTP with the server, you will find that they are still using the same connection, and if you use Bash, you will find that you even SSH even supports tab to the server-side file for automatic completion, Shared connection options are also valid for tools that require SSH, such as rsync,git, and so on.
2. Long connection
If you find yourself having to connect to the same server countless times for each one, then the long connection option is for you:
Copy Code code as follows:
Now every time you connect to the server via SSH, this connection will be maintained for 4 hours, even after you exit the server, the connection can be reused, so you will find that the connection is built at lightning speed the next time you log on to the server (within 4 hours). This option is especially noticeable when you copy multiple files through the SCP, because you are not required to have separate certifications for each file.
3. Don't enter the code again.
If you are still in the password way to login ssh, then you should probably try SSH keys, first use OpenSSH for their own claims a pair of keys:
Copy Code code as follows:
Follow the instructions, after completion, you should be able to see two files in your. SSH directory, Id_rsa is your private key, and id_ras.pub is your public key, now you need to copy your public key to the server, if your system has ssh-copy-id command, the copy will be simple:
Copy Code code as follows:
$ Ssh-copy-id smylers@compo.example.org
Otherwise, you will need to manually copy your private key to the ~/.ssh/authorized_keys file on the server:
Copy Code code as follows:
$ < ~/.ssh/id_rsa.pub ssh clegg.example.org ' mkdir-p. SSH; Cat >> Ssh/authorized_keys; chmod go-w. ssh. Ssh/authorized_keys '
Now try to reconnect to the SSH server, or copy the file, do not need to enter the password again?
Configuring SSH Key for Putty
Putty can also use SSH key to download Puttygen and pageant from the Putty Web site, and then use Puttygen to generate your keys and copy the public key to the server's '. Ssh/authorized_ Keys ' directory, and then run pageant, import your private key, let it run in the background, narrowed you can use the putty through the public key directly to the server, you can in the Putty Manual in the 8th, 9 chapters to learn about this feature detailed description.
4. Connection Relay
Sometimes you may need to connect to another server from one server, such as transferring data directly between two servers without having to go through the local computer:
Copy Code code as follows:
WWW1 $ scp-pr Templates www2: $PWD
(Incidentally, when you need to copy files between two servers, $PWD variables are useful), because even if you have added your local computer's public key to both servers, the SCP will still prompt you for the password by default: This is because the server you used as a springboard doesn't have your private key, so The second child server will reject your public key, but do not solve the problem by copying your private key to the staging server, you can use agent forwarding to solve the problem, just add the following line of code to your. Ssh/config file:
Copy Code code as follows:
Or in the Putty "Allow agent Forwarding" option, now your local SSH becomes the first server SSH proxy, from the first server in the connection to other servers and as simple as in your local, note that if you want to open this option, The premise is that this intermediary server is worthy of your trust.
5. Omit Host name
It is tedious to enter the full hostname of the server to establish a new SSH connection, especially if you have a group of servers with the same domain name but different subdomains that need to be managed, such as the following:
Copy Code code as follows:
* www1.example.com
* www2.example.com
* mail.example.com
* intranet.internal.example.com
* backup.internal.example.com
* dev.internal.example.com
Perhaps your network has been configured to use short domain names, such as an intranet, but if your network is not supported, you can actually handle the problem yourself without resorting to a network administrator.
The solution is slightly different depending on the operating system you use, and the following is the configuration of my Ubuntu system:
Copy Code code as follows:
Prepend domain-search "internal.example.com", "example.com";
Then you need to restart the network: $ sudo restart Network-manager
Different systems, these two commands may be slightly different.
5. Host Alias
You can also define a host alias directly in your SSH configuration, as follows:
Copy Code code as follows:
Host Dev
HostName dev.internal.example.com
You can also use wildcard characters for grouping:
Copy Code code as follows:
Host Dev Intranet Backup
HostName%h.internal.example.com
Host www* Mail
HostName%h.example.com
In putty you can save a separate session for each hostname and double-click to establish a connection (but it may not be able to support wildcards).
7. Omit User name
If your username on the remote server differs from your local username, you can also set it in the SSH configuration:
Copy Code code as follows:
Host www* Mail
HostName%h.example.com
User Simon
Now, even if my local username is smylers, I can still connect to my server like this:
Copy Code code as follows:
SSH will use Simon's account to connect to your server, and putty can save this information in your session.
8. Jump between servers
Sometimes, you may not be able to connect directly to a server, and you need to use an intermediary server to relay, this process can also be automated. First make sure you have a public key access configured for the server and you have the agent forwarding enabled, and now you can connect to the target server with 2 commands without any prompt input:
Copy Code code as follows:
$ SSH Gateway
Gateway $ SSH DB
Then, in your local SSH configuration, add the following configuration:
Copy Code code as follows:
Host DB
HostName db.internal.example.com
Proxycommand SSH Gateway Netcat-q%h%p
You can now connect directly to the target server with a single command:
Copy Code code as follows:
Here you may need to wait a little longer, because SSH requires two certification, note that Netcat may also be written in NC or NCAT or in front of the need to add g, you need to check your intermediary server to determine the actual parameters.
9. Break through the network blockade
Sometimes, the network you use may only open 80 ports, or they block the SSH port (the default 22 port), in which case, you can configure the SSH server on the 80 or 443 ports to monitor to break through the blockade, only need to edit your server/etc/ssh/sshd_ Config file:
Copy Code code as follows:
Then reboot the SSH server:
Copy Code code as follows:
Of course, the premise is that your server does not use the HTTs service, but in fact you just need to set up a server using HTTPS port is enough, you but you can access this server, you can use the technology we mentioned earlier use it as a springboard to access other servers, but remember, You need to configure this server ahead of time (how about now?) So that if you're in a web-only network environment, you can dispense with the hassle of calling someone else to help you configure your intermediary server.
10. Cross Web Proxy
Sometimes, your network is more than blocking SSH ports, they may go further, only to allow you to access the network through the Web proxy, fortunately we have a program called Corkscrew can send SSH data through the Web proxy. The use of corkscrew is very simple, generally I am in need of search, and then directly download, follow the instructions on the site, and then it is done, generally you need such a configuration:
Copy Code code as follows:
Proxycommand corkscrew proxy.example.org 8080%h%p
11. Remote GUI
Sometimes it can be very useful to access a remote server file through a local GUI program, such as editing a picture, or viewing a PDF file, or simply modifying the code with a Gvim editor, and I find that it is more useful than vim in the terminal. Because I can open a new window to edit the file by Gvimopens, and do something else with the current SSH window, do not do this, you need to first open an option called X forwarding in your SSH configuration:
Copy Code code as follows:
This option requires the server configuration to work, the server also needs to open x forwarding, you can add the following command in the/etc/ssh/sshd_config of the server:
Copy Code code as follows:
And you also need to make sure that Xauth is installed. Editors, picture viewers, and other graphical programs that you need to run, which are available only if you support local x server operations, Mac and Windows have free x server, and you may need to spend some time configuring them, By contrast, switching to Linux is relatively easy.
12. Local Operation remote Files
Another alternative that allows remote GUI programs to be displayed locally is to allow local GUI programs to manipulate remote files directly, you can do it through SSHFS, just create an empty directory, and then use SSHFS to mount a remote directory to this directory:
Copy Code code as follows:
$ mkdir GALLERY_SRC
$ SSHFS dev:projects/gallery/src gallery_src
$ CD GALLERY_SRC
$ ls
Now you can use any of your favorite local programs to facilitate the files in this directory, they appear to be in your local, but their real-time remote server files, you can use the Fusermount command to unmount these files, do not worry to remember, they are on the top of the SSHFS manual:
Copy Code code as follows:
$ cd ...
$ fusermount-u GALLERY_SRC
SSHFS can work on Linux and OS X, Windows users I haven't found a good way yet.
13. Access to remote files via vim
Vim has a built-in feature to edit remote files directly, requiring the help of the SCP URL:
Copy Code code as follows:
$ gvim Scp://dev/projects/gallery/src/templates/search.html.tt
This is obviously less flexible than SSHFS, but if you only need to edit 1, 2 files on a remote server, this command will be more flexible and you can do so on windows:
Copy Code code as follows:
14. Connect to remote server using local app
Sometimes services, such as databases or Web servers, run on remote servers, but it is useful to connect them directly from local programs if they are useful, and to do this you need to use port forwarding (forwarding), for example, If your server is running Postgres (and only local access is allowed), then you can add in your SSH configuration:
Copy Code code as follows:
Host DB
Localforward 5433 localhost:5432
Now, when you connect to your SSH server, it will open a 5433 port (I randomly picked) on your local computer and forward all data sent to this port to the server's 5432 port (Postgres's default port), and then, as soon as you establish a connection to the server, You will be able to access the server's Postgres via port 5433.
Copy Code code as follows:
Now open another window and you can connect to your Postgres database locally by following this command:
Copy Code code as follows:
$ psql-h localhost-p 5443 Orders
This command can be especially useful if you want to use a graphical postgres client that is not supported by the server:
Copy Code code as follows:
Or if you have a backend Web server that you don't want to access directly over the Internet, you can also access it via port forwarding:
Copy Code code as follows:
Host API
Localforward 8080 localhost:80
Now connect to the server:
Copy Code code as follows:
Then point the browser to your chosen port number:
Copy Code code as follows:
$ Firefox http://localhost:8080/
15. Reduce delays
If each connection to the server means you have to wait a few 10 seconds to do nothing, you might want to try adding the following in your SSH configuration:
Copy Code code as follows:
If this command is valid, you should notify your system administrator to let him disable this option on the server so that others do not have to add the configuration to their local configuration separately.
16. Speed up the connection
If you make sure that your connection to a server is secure (for example, through a corporate intranet), you can make the data transfer faster by selecting the Arcfourencryption algorithm:
Copy Code code as follows:
Note that this acceleration is at the expense of the "encryption" of the data, so if you are connected to a server on the Web, do not open this option and make sure you are connected through a VPN.
Let's move now. Try these techniques to make your SSH more efficient!