Here are some tricks to boost your productivity when working withSSH.
OpenSSH has a great feature “key-based authorization” which uses RSA/DSA key pair to do authorization instead of password. With the help of it, login can be done automatically.
Here are the steps:
- Create ssh key pair, if you have’t one. Check
~/.ssh. If you find a fine with name
id_rsa.pub, you are done since the key pair is ready to use. Otherwise, create it simply by typing
ssh-keygenand following the instructions. Keep in mind that there are two kinds of key pairs, RSA or DSA. I always use RSA. You can choose one on your own. If you choose RSA with other options as default, you will get
~/.ssh. The former file is the private key and latter one is the public key.
- Make sure your
~/.sshis private. I want to emphasize that here that the private key, i.e.
id_rsa, is the equivalent with your password since people who can access this file can login the remote machine easily as they got your password! So make it private first.
chmod 700 ~/.ssh
- Transfer your public key to the remote machine which you want to login automatically. SCP may be a preferred way:
scp ~/.ssh/id_rsa.pub firstname.lastname@example.org:~/my_key.pub
- Append your public key to the
~/.ssh/authorized_keyson the remote machine.
cat my_key.pub >> ~/.ssh/authorized_keys
- Done! Check whether you can login into the remote machine automatically by simply type
on your local machine. If it works, remove the public key on the remote machine.
- For geekers who’d like to do it in one-line fashion, here it is:
cat ~/.ssh/id_dsa.pub | ssh -l user remote.machine.com ‘cat >> ~/.ssh/authorized_keys’
Even auto login is set up, in some cases you have to wait for several seconds before the shell prompt bombs out. Still frustrating, right? In some worse cases, you have wait more than 10 seconds or even longer! Why? Each time you connect a remote machine, sshd would like to use your IP address to apply reverse DNS lookup to determine your hostname. If the DNS server goes slow, it may take seconds to return the results. The longer the lookup takes, the longer you have to wait.
Two tricks can be applied to solve this problem:
/etc/hostson the remote machine and add the IP address of your local machine to it with an appropriate hostname. So if you login the system, your IP address is resolved locally, which is definitely faster.
- Disable DNS lookup on the remote machine. Edit
/etc/ssh/sshd_configand add one line:
Restart the sshd server then. If everything goes well, you will see the save of time.
Both tricks require root privilege. If do not have root access, ask your administrator to help you.
ssh -v or
ssh -vvv to output debug information and diagnose the problem.