hpr1856 :: ssh config

Klaatu talks about ssh config.

Hosted by Klaatu on Monday, 2015-09-14 is flagged as Clean and is released under a CC-BY-SA license.
Tags: ssh, configuration, tutorial, hints and tips. Comments: 3.
The show is available on the Internet Archive at: https://archive.org/details/hpr1856

Listen in ogg, spx, or mp3 format. Play now:

Duration: 00:12:27

Part of the series: general.

Put a file called 'config' into ~/.ssh and you can define any option you would normally provide as part of the command as an automatically-detected configuration.

For example:

host foo
    hostname foo.org
    identityfile /home/klaatu/.ssh/foo_rsa
    port 2740
    protocol 2

Makes the command 'ssh klaatu@foo' look like this to SSH:

ssh -p2740 -i ~/.ssh/foo_rsa klaatu@foo.org

Show Transcript

Automatically generated using whisper

whisper --model tiny --language en hpr1856.wav

You can save these subtitle files to the same location as the HPR Episode, and they will automatically show in players like mpv, vlc. Some players allow you to specify the subtitle file location.

<< First, < Previous, Next >, Latest >>

Comments

Subscribe to the comments RSS feed.

Comment #1 posted on 2015-09-14 07:14:15 by 0xf10e

Nice intro to `~/.ssh/config`, klaatu.

The "protocol 2" option is the default for quite some time - as in "more than 10 yrs". I think the latest version of OpenSSH doesn't even compile with support for version 1 by default. At least the sshd.

Shortening hostnames comes really handy in cases like " web-frontend.fancy-example-corp.co.uk".
And there's also patterns matching like

Host *.fancy-example-corp.co.uk *.fancy-example-corp.com
Username joe-the-admin
identityfile ~/.ssh/work_rsa

Host web-frontend1.fancy-example-corp.co.uk
Port 56278

Host web-frontend1.fancy-example-corp.co.uk
Port 57427

This way you can group hosts with common options easily.

Comment #2 posted on 2015-09-15 15:07:16 by b-yeezi

Thanks

Thanks for this show. I immediately added a config file for the couple of accounts that I commonly use. The only that I added for security is to change the permissions of the file to 600 or 644. Keep up the great shows!

Comment #3 posted on 2015-09-17 12:31:38 by Gabriel Evenfire

Identity file

I'm curious if, from your example, you are creating separate identity files for each host. I imagine not, but it's a possibility I'd never considered before. I suppose it doesn't provide that much more security insofar as if someone can read one of your private keys from .ssh/ they can read all of them. But it does make me think.

For my part I have this ruby script to run ssh w/ shorthands to the different identities and accounts in our internal machines. This show is prompting me to do it the right way. (especially insofar as it will work with scp, sftp, and scripts that use them)

Thanks for the show. I'm enjoying that people are starting break open the tools other than the "blade" in this ssh swiss army knife.

Leave Comment

Note to Verbose Commenters
If you can't fit everything you want to say in the comment below then you really should record a response show instead.

Note to Spammers
All comments are moderated. All links are checked by humans. We strip out all html. Feel free to record a show about yourself, or your industry, or any other topic we may find interesting. We also check shows for spam :).

Your Name/Handle:
Title:
Comment:
Anti Spam Question:	What does the letter P in HPR stand for?
Are you a spammer?	Yes No
Who is the host of this show?
What does HPR mean to you?

Hacker Public Radio

Your ideas, projects, opinions - podcasted.

New episodes every weekday Monday through Friday.
This page was generated by The HPR Robot at Thu, 21 Nov 2024 00:02:22 +0000