SSH - Client and Server

From Blue-IT.org Wiki

Revision as of 11:42, 3 January 2014 by Apos (talk | contribs) (SSH with unstable network access)

SSH with unstable network access

TCP/IP connections are reliable, but if there is an unstable od changing IP, it will break! Concerning a ssh connections a breaking wlan - e.g. when travelling in the train - will render your ssh session useless.

There are two programs which can help solve this problem:

  • autossh in conjunction with screen
  • mosh

The following commandline will connect via ssh to remote-pc an starts a screen-session. When the connection is lost, the ssh-tunnel will be build up by autossh.

autossh remote-pc -t 'screen -RD'

Mosh works different. Why: three letters MIT - from the best of the best IT-stuff ;-)

It is more robust and trys to keep up the connection. Therefore mosh must be installed on the client AND the server.

mosh [-p NUM] [user@]remote-pc

I had some problems connecting to an other ssh port. Using the following syntax made it run.

mosh --ssh="ssh -pPORT" your_user@your_ip ***
  • in Ubuntu 12.04 to be able to use the "--ssh" paramater, please use the newer mosh version from the follwing ppa:
https://launchpad.net/~keithw/+archive/mosh

A little script to enable passwordless login

Needless to say, that using this script you should exactly know what you are doing.

!! The author takes NO response for all kinds of damage and security issues that could happen using this script !!

Download

Source Code

#!/bin/bash
#
# This scripts exports THIS computers public ssh key to
# a clients's ~/.ssh/authorized_keys2 file.
#
# This will enable passworless login from THIS pc to the client.
#
# You need to have the password, username and IP/alias of the other pc.

client="$1"
NAME="$2"

[ "$NAME" ] || NAME="${USER}"
[ "$client" ]  || echo "ERROR: You have to specify at least a client IP or alias."
[ "$client" ]  || exit 1

cd ~/.ssh

echo "Create ssh dir on client ... "
ssh ${NAME}@$client "mkdir -p ~/.ssh; chmod 700 ~/.ssh"

echo "Check if pub key exist and/or create one ... "
[ -e id_dsa.pub ] || ssh-keygen -t dsa 

echo "Copy the public key of THIS pc to the client ... "
scp id_dsa.pub ${NAME}@$client:~/.ssh/id_dsa.pub_${HOSTNAME}

echo "We make an entry into the authorized_keys file on the client ... "
ssh ${NAME}@$client "cat ~/.ssh/id_dsa.pub_${HOSTNAME} \
   >> ~/.ssh/authorized_keys2; \
   rm ~/.ssh/id_dsa.pub_${HOSTNAME}"

echo "Secure the local public key ... "
chmod 600 id_dsa.pub

echo TEST:
echo Now we test with running the following terminal command:
echo "  ssh ${NAME}@$client echo Congratulation: You can login passwordless to your client $client."
echo ;
ssh ${NAME}@$client "echo Congratulation: You can login passwordless to your client $client."

echo ;
echo ;
echo Program ended.
echo ;
echo If you like to remove the automatic login, you have to 
echo remove the public key in the file /home/${NAME}/.ssh/authorized_keys2
echo on your clients - $client - computer.