Difference between revisions of "SSH - Client and Server"

clusterssh or tmux

A way to update multiple clients in your network is clusterssh. Clusterssh normally uses an Xserver, a graphical UI to interact as a user. Ita usage is very intuitive and not further dicussed here, just use it.

Thankes to this [article about using clusterssh in the shell], the author user spawning the ssh sessions in separate "tmux" panes and using simple ssh. I altered the script using bash, using variables with brackets (standard) and autossh instead of ssh (you also can use mosh).

Tmux is a terminal multiplexer - hey is'nt it fantastic, what marveless shell tools exist out there ;-)

Let's start:

1. Open a tmux session:

tmux

2. Now you can execute the script shown in the next section INSIDE of tmux, it will open your serverlist

ssh-tmux

The script attaching multiple server:

#/bin/bash
# ssh-tmux - need tmux
#
#######################################################################
## EDIT HERE ##########################################################
myHostList="hostname_or_ip_1 hostname_or_ip_2 hostname_or_ip_n"
mySSH="autossh"
mySession="ssh-tmux"

#######################################################################
which tmux > /dev/null || echo "Please install tmux first! Exiting ..."
which tmux > /dev/null || exit 1

if tmux has-session
then
	echo "ssh-tmux session already opended"
else
	TMUX= tmux new-session -d -s ssh-tmux
	tmux switch-client -t ssh-tmux
fi

for myHost in ${myHostList}
do
  tmux splitw "$mySSH $myHost"
  tmux select-layout tiled
done
tmux set-window-option synchronize-panes on

The author updated his post:

If you want to type in just one pane (on one host) you can do that as well: 
C-b : set-window-option synchronize-panes off and moving to the right pane (C-b + Arrow keys)

rsync

Use rsync with special ssh port:

rsync [ -av --delete ] -vraze 'ssh -p xxxxx' \
     /local/source/. username@ssh-server:/target/.

Rsync "trick" for mirroring a local path

cd /to/the/very/long/path/on/localhost
rsync -av . user@server:$(pwd)/.

where $(pwd) automacically expands to the correct path on the remote host. If it does not exist, an error will occur ;-)

To reduce the overall traffic bandwitch AND the system load, I start the rsync process on the server with ionice (perl based) and the rsync option --bwlimit=<KByteSec>. The ionice parameter -c3

sudo apt-get install liblinux-io-prio-perl

ionice -c 3 rsync -av --progress --bwlimit=5000 . teneriffa:/local_slow/mythtv/.

man ionice: -c
The scheduling class. 0 for none, 1 for real time, 2 for best-effort, 3 for idle.

SSH with unstable network access

• source: SSH über unzuverlässige Leitung - LinuxUser Magazine

TCP/IP connections are reliable, but if there is an unstable od changing IP, it will break! Concerning a ssh connections a breaking wlan - e.g. when travelling in the train - will render your ssh session useless.

There are two programs which can help solve this problem:

• autossh in conjunction with screen
• mosh

The following commandline will connect via ssh to remote-pc an starts a screen-session. When the connection is lost, the ssh-tunnel will be build up by autossh.

autossh remote-pc -t 'screen -RD'

Mosh works different. Why: three letters MIT - from the best of the best IT-stuff ;-)

• http://mosh.mit.edu/

It is more robust and trys to keep up the connection. Therefore mosh must be installed on the client AND the server.

mosh [-p NUM] [user@]remote-pc

mosh --ssh

I had some problems connecting to some special ssh port. Using the following syntax made it run.

mosh --ssh="ssh -pPORT" your_user@your_ip ***

In Ubuntu 12.04 to be able to use the "--ssh" paramater, please use the newer mosh version from the follwing ppa:

https://launchpad.net/~keithw/+archive/mosh

Ubuntu 13.04 and up are using the correct versions.

Working with .ssh/config

If you don't like to always type in the credentials for a well known pc, you can simply add these to the file:

~/.ssh/config

Simply enter something like this:

Host IP_OF_YOUR_PC
       port    <YOUR_SSH_PORT>
       User    <USERNAME>

and the command

ssh IP_OF_YOUR_PC

will simply login with the right connection credentials.

A little script to enable passwordless login

Needless to say, that using this script you should exactly know what you are doing.

!! The author takes NO response for all kinds of damage and security issues that could happen using this script !!

Download

• Ssh_export_pub_key_for_passwordless_login.sh.zip

Source Code

#!/bin/bash
#
# This scripts exports THIS computers public ssh key to
# a clients's ~/.ssh/authorized_keys2 file.
#
# This will enable passworless login from THIS pc to the client.
#
# You need to have the password, username and IP/alias of the other pc.

client="$1"
NAME="$2"

[ "$NAME" ] || NAME="${USER}"
[ "$client" ]  || echo "ERROR: You have to specify at least a client IP or alias."
[ "$client" ]  || exit 1

cd ~/.ssh

echo "Create ssh dir on client ... "
ssh ${NAME}@$client "mkdir -p ~/.ssh; chmod 700 ~/.ssh"

echo "Check if pub key exist and/or create one ... "
[ -e id_dsa.pub ] || ssh-keygen -t dsa 

echo "Copy the public key of THIS pc to the client ... "
scp id_dsa.pub ${NAME}@$client:~/.ssh/id_dsa.pub_${HOSTNAME}

echo "We make an entry into the authorized_keys file on the client ... "
ssh ${NAME}@$client "cat ~/.ssh/id_dsa.pub_${HOSTNAME} \
   >> ~/.ssh/authorized_keys2; \
   rm ~/.ssh/id_dsa.pub_${HOSTNAME}"

echo "Secure the local public key ... "
chmod 600 id_dsa.pub

echo TEST:
echo Now we test with running the following terminal command:
echo "  ssh ${NAME}@$client echo Congratulation: You can login passwordless to your client $client."
echo ;
ssh ${NAME}@$client "echo Congratulation: You can login passwordless to your client $client."

echo ;
echo ;
echo Program ended.
echo ;
echo If you like to remove the automatic login, you have to 
echo remove the public key in the file /home/${NAME}/.ssh/authorized_keys2
echo on your clients - $client - computer.