Friday, June 18, 2021

Tip of the Trade: OpenSSH Speed Tips and Tricks

Although using public key authentication instead of passwords is a great method for increasing the security of SSH transfers, transferring SSH identity keys can be a royal pain. First, you create your key pairs; then, you copy the public key into the correct locations on all the machines you want to log into. The keys must be in a particular format, and you must go into the correct directory with the correct permissions. Fortunately, ssh-copy-id, a slick utility included with OpenSSH, makes it easy.

SSH is a secure remote administration utility with a seemingly endless variety of clever shortcuts and capabilities. For example, you can log in and execute a remote command with a single command, rather than first logging in and then typing the command:

[email protected]:~$ ssh [email protected] ls ~ 

This is a fun example that also demonstrates a little gotcha- ls ~ will list Carla’s home directory, not Terry’s. If you want to see Terry’s home directory you must specify ls /home/terry. You can do this with any one-off command, such as starting a backup script, viewing running processes or printing a document.

$ ssh-copy-id -i  id_rsa.pub [email protected] 

ssh-copy-id copies identity keys in the correct format, makes sure file permissions and ownership are correct, and ensures a private key is not accidentally copied.

Using key-based authentication instead of passwords means you don’t have to give away system passwords. To make it easier to manage multiple remote systems, you can give your keys any arbitrary names you want when you create them, like this:

When you connect, you simply name the correct key:

$ ssh -i id_apacheserver 

[email protected]

When you connect, you simply name the correct key:

$ ssh -i id_apacheserver [email protected]

Finally, don’t forget the wonderful sshfs command for mounting an entire remote filesystem. It’s much faster and easier than setting up a Samba or NFS server. First, create a local directory for the mountpoint, then fetch your remote filesystem:

$ sshfs hostname:/remotedir localdir/

Now, you can operate on the remote files as if they were local.

This article was first published on ServerWatch.com.

Similar articles

Latest Articles

Best Data Science Tools...

Data science has transformed our world. The ability to extract insights from enormous sets of structured and unstructured data has revolutionized numerous fields —...

The Data Backup and...

The data recovery market used to be built squarely around natural disasters and power cuts that shut off access to enterprise IT systems, prevented...

Cisco Steps Up Webex

I would have argued two years ago that Cisco’s Webex was behind its competitors. Today, however, the pandemic has made this product strategic again,...

GDPR Compliance & Requirements...

The General Data Protection Regulation (GDPR) has positioned itself as one of the strictest laws for the privacy of consumer data, and it's still...