Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Yet another method of creating SSH shortcuts' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Yet another method of creating SSH shortcuts
Authored by: noworryz on Nov 28, '06 09:49:43AM

You can find information about the parameters in ~/.ssh/config by typing:


man 5 ssh_config

If you find you are being timed out by the remote host when you stop typing for a minute or two, you can add the following at the beginning of the file to send a "keep alive" signal over the link every thirty seconds for an hour:


  ServerAliveInterval 30
  ServerAliveCountMax 120

So that you don't continually get asked if the security key is OK, you can give SSH both the true name for the remote host and the name you are using for it (which will have to be different if you use it both remotely and locally):


Host mymacnameforhost
  HostName firewall.mycompany.com
  Port 2222
  HostKeyAlias truehostname    # name to use for ssl key check
  User myusername              # my name to use when logging on the remote host
  BatchMode yes                # use ssl key pair generated by ssh-keygen
  StrictHostKeyChecking no     # don't hassle me about keys

If a firewall guards the host, the Port number is the port number on the firewall that will get you through to the host and the HostName is the address of the firewall.

The BatchMode option says you never want to type your password and instead want to use a pair of key files; one stored on your Mac in ~/.ssh/id_dsa.pub and one stored on the remote host in ~/.ssh/id_dsa. For more information on key pairs, type:


man ssh-keygen
To generate a pair of keys, usually you will just have to type:

ssh-keygen -t dsa
then copy the two files to the right places, after manually logging on.

Note that NONE of the above applies to you if you can't log on by typing:


ssh -p portno myusername@hostname

where portno, myusername and hostname are as discussed above; i.e., the firewall port, your user name on the remote host and the IP address of the firewall. So try that first.

[ Reply to This | # ]

Yet another method of creating SSH shortcuts
Authored by: hibbelig on Nov 29, '06 01:28:25AM

Is it really necessary to turn off strict host key checking? It should only ask once for each remote host. When it asks, accept and store the remote host key. If it ever asks a second time about the same remote host, then you know that the remote host key has changed -- a possible security attack.



[ Reply to This | # ]
Yet another method of creating SSH shortcuts
Authored by: hibbelig on Nov 29, '06 01:33:22AM
Is it necessary to use BatchMode? When the keys are set up correctly, ssh doesn't ask for a password nor passphrase, regardless of the batch mode setting. If the keys aren't set up correctly, then my understanding is that batch mode makes the connection fail, whereas without batch mode one at least has a chance to enter the password/passphrase.

[ Reply to This | # ]