To connect from the client to the server without using a password, you need to generate a key on the client. This key is then installed into the server's authorized_keys
file, and then the client can connect without standard password authentication.
On the client as the user who will run ssh
to the remote host:
Once you have done this, you need to append it to the authorized_keys
file for the user you will be logging in as on the remote server:
N.B. Replace [remote-user]
and [remote-host]
with appropriate values. You might need to change it to ~/.ssh/authorized_keys2
depending on your sshd config file, which can be found in /etc/ssh/sshd_config
on the server. Check for the AuthorizedKeysFile
config parameter.
SSH Multiplexing
SSH can allow multiple virtual connections via the same single network connection. This is called SSH multiplexing, and can make it faster to connect to a server after establishing the initial connection.
Add the following into ~/.ssh/config
or /etc/ssh/ssh_config
:
This will create a socket for each set (user, machine, port) when the first SSH session is opened. Further sessions will see the socket and use it instead of opening a new connection, multiplexing all concurrent connections via the same connection. The same goes for SCP and SFTP.
Nice side-effects of this:
- No functionality is lost at all.
- SSH sessions will open faster, as there is no need to establish a connection.
- You will not need to enter you password everytime (but note that maybe you should be using public-key authentication).
- You can open several sessions to servers which put a limit on the number of simultaneous connections.
- If you are a sysadmin, you can limit the number of SSH connections to exactly one per user.
Further Information
OpenSSH is a fantastic tool and every system administrator should learn how to use it. There are many resources out there, but here are some which I think is great:
Comments
Nice article :)
Note that rather than using:
On many machines you can just use:
Leave a comment
Please note, comments must be formatted using Markdown. Links can be enclosed in angle brackets, e.g.
<www.codeotaku.com>
.