Difference between revisions of "SSH"

From Cncz
Jump to: navigation, search
(kopjes gefixed)
([en]SSH tips and settings[/en][nl]SSH Instellingen en tips[/nl])
Line 44: Line 44:
 
=== [en]SSH tips and settings[/en][nl]SSH Instellingen en tips[/nl] ===
 
=== [en]SSH tips and settings[/en][nl]SSH Instellingen en tips[/nl] ===
 
[en]
 
[en]
 +
 +
To avoid warnings about possibly changed ssh keys or unkown host the first time you connect to a
 +
host in the science.ru.nl domain we have signed the public keys of all our  servers.
 +
If you add the following lines to your config file in the .ssh directory in your local home directory
 +
  CanonicalDomains science.ru.nl
 +
  CanonicalizeFallbackLocal no
 +
  CanonicalizeHostname yes
 +
 +
and the following line to .ssh/known_hosts
 +
  @cert-authority *.science.ru.nl ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHpJveyOrLKFRDsbiW/29OadbCbkmUaIXnWbhVwtytbpftAc7Stj2RYa8yBmgfdm82T/UBVu1tLbeeCYQI8UlCvbAALMx+I60ux+iEGVdDBgIOjeu6LuY12pksVlXy/nKc59+m3AdMXfGHA8cI/O8eFosQLJ+dck7SBcvTT4lPhEcSQxg==
 +
 +
ssh keys of science.ru.nl hosts will be automatically accepted.
 +
 
Ssh can be used for:
 
Ssh can be used for:
 
* port forwarding on another host
 
* port forwarding on another host
Line 55: Line 68:
 
Voor nuttige tips voor het efficient gebruik van SSH, zie [http://blogs.perl.org/users/smylers/2011/08/ssh-productivity-tips.html dit artikel].
 
Voor nuttige tips voor het efficient gebruik van SSH, zie [http://blogs.perl.org/users/smylers/2011/08/ssh-productivity-tips.html dit artikel].
 
[/nl]
 
[/nl]
 
  
 
=== [en]Preventing disconnects[/en] [nl]Verbindingsproblemen voorkomen[/nl] ===  
 
=== [en]Preventing disconnects[/en] [nl]Verbindingsproblemen voorkomen[/nl] ===  

Revision as of 17:10, 8 March 2021

SSH Secure Shell

SSH is used to get a secure terminal-connection to a login server. All Linux loginservers can be reached with SSH client software, not only on the standard port 22, but also on ports 80 and 443.


Recommended ssh client software

  • Windows:
    • MobaXterm. From the MobaXterm website: "MobaXterm is an enhanced terminal for Windows with an X11 server, a tabbed SSH client and several other network tools for remote computing (VNC, RDP, telnet, rlogin). MobaXterm brings all the essential Unix commands to Windows desktop, in a single portable exe file which works out of the box." The support of OpenGL could also be a reason to start using MobaXterm. If you use it professionally, you should consider subscribing to MobaXterm Professional Edition. MobaXterm is available on the S-disc.
    • Mosh (mobile Shell) when roaming and intermittent connections.
    • PuTTY.
    • The OpenSSH client provided by Cygwin.
  • Linux: Your computer should have ssh installed by default. Otherwise, install the openssh-client package. Install Mosh (mobile Shell) when roaming or having intermittent connections.
  • OS X: the ssh client should be available on your Mac. For graphical/X11 functionality one can install XQuartz. Install Mosh (mobile Shell) when roaming or having intermittent connections.
  • Android: JuiceSSH or ConnectBot. Install Mosh (mobile Shell) when roaming or having intermittent connections.

Recommended file transfer clients


SSH tips and settings

To avoid warnings about possibly changed ssh keys or unkown host the first time you connect to a host in the science.ru.nl domain we have signed the public keys of all our servers. If you add the following lines to your config file in the .ssh directory in your local home directory

  CanonicalDomains science.ru.nl
  CanonicalizeFallbackLocal no
  CanonicalizeHostname yes

and the following line to .ssh/known_hosts

  @cert-authority *.science.ru.nl ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHpJveyOrLKFRDsbiW/29OadbCbkmUaIXnWbhVwtytbpftAc7Stj2RYa8yBmgfdm82T/UBVu1tLbeeCYQI8UlCvbAALMx+I60ux+iEGVdDBgIOjeu6LuY12pksVlXy/nKc59+m3AdMXfGHA8cI/O8eFosQLJ+dck7SBcvTT4lPhEcSQxg==

ssh keys of science.ru.nl hosts will be automatically accepted.

Ssh can be used for:

  • port forwarding on another host
  • proxying for example web traffic
  • almost complete vpn functionality

Please consult this article for some excellent tips on how to use and configure your ssh client.

Preventing disconnects

In case you experience connectivity issues using ssh, use the following settings for your ssh-client. This can be done by adding the following lines to the config file .ssh/config (or /etc/ssh/ssh_config):

TCPKeepAlive no
ServerAliveInterval 60
ServerAliveCountMax 10