

The Hacker's Utility Belt: SSH - apgwoz
http://sigusr2.net/2009/May/07/hacker-utility-belt-ssh.html

======
Bjoern
Not to be overly critical but - why - is this in the TOP3 of HN? It's a
totally^Wrather incomplete^Wnice `intro` to SSH, ok. Aside from this......

~/.ssh/config:

# This is maybe useful if you get dropped all the time

# due to stricter SSHd rules.

ServerAliveInterval 60

# Instead of tunneling always with the CLI directly why not

# make a entry in your ssh config to make it easy, e.g.

HostName your.companies.host

User username

LocalForward 9999 clients.oracle.server.name:1521

# You can also use "Port" if the SSHd is on a non 22 port

On the CLI:

# Does all the tunneling automatically

ssh your.companies.host

~~~
apgwoz
I agree completely. The post is nothing more than a "hey, if you're not using
ssh for these two things, maybe take a look." I went this route because there
are so many other full fledged introductions to ssh, that I thought it'd
almost be a waste of my time. I'm sorry that reading it wasted yours.

------
jf
Another cool feature of SSH: Escape Characters

(The following is an excerpt from the manpage for ssh(1) with the same title)

~. Disconnect. ~? Display a list of escape characters.

The ~. escape character is useful for getting back to your prompt when your
SSH session has hung or died.

------
tannerburson
I'm a big fan of the ForwardAgent option. It allows you to, based on
destination, pass your SSH key forward and have it used as the private key on
the destination server as well. This allows me to ssh into a remote server,
but keep my key based access rights on other servers (or github).

~~~
thristian
The standard warning about agent-forwarding: ssh-agent works by exposing your
private keys to any process running as you, or any process running with root
permissions. You have to trust your laptop or workstation (if you didn't, you
wouldn't be typing passwords at the keyboard) so ssh-agent is pretty safe
locally, but you should be careful about extending that level of trust to
other hosts.

For example, I use agent-forwarding all the time at $EMPLOYER, because the
same sysad is responsible for my workstation and the production systems, so
every host is equally trustworthy. I might use agent-forwarding when
connecting to a shell-server run by a friend, I wouldn't use it while
connecting to an anonymous service like github or gitorious.

