

SSH Multiplexing & other OpenSSH Tricks - symkat
http://symkat.com/35/ssh-tips-and-tricks-you-need/

======
mst
I do wish keepalive could be turned on/off more dynamically - most of the
locations I connect from it's a disadvantage so I don't have it configured,
and having to edit the config file when I'm in one where it's useful just
annoys me.

I suppose I should just write a script that perl -pi -e 's/KeepAlive
yes/KeepAlive no/' .ssh/config or similar, but it still seems ... annoying.

~~~
njn
I'm curious why you would want multiple connections to the same host in the
first place. Why not use a terminal multiplexer?

~~~
danohuiginn
it's convenient if you want to pipe the output of a command on a remote
machine into another command on a local machine

ssh server remotecommand | localcommand

~~~
danohuiginn
And some reasons why you might want to do _that_ :

* set up a machine with all packages installed on some (debian/ubuntu) server: ssh server dpkg --get-selections| cut -f1 | xargs sudo apt-get install

* compare output of commands on two machines diff <(command) <(ssh server command)

* test/configure software on a local machine, plugging in its input from the roduction machine where it will be installed once ready

* avoid installing software on the server entirely; pull in the remote output and wrangle it locally (obv. not so good for high volumes)

* think a bug can be fixed by upgrading some software? try it on a test machine, pipe in the required input, and see

------
ljlolel
Is there a way to do the reverse? That is, can I ensure a more stable
connection by using one terminal to open multiple SSH TCP connections for
faster speed and redundancy?

My workplace sometimes suffers from serious problems and because TCP allocates
resources based on number of connections, I'm pretty sure I can improve the
situation by establishing 2 tcp connections for the terminal.

~~~
dedward
TCP was designed to assume that packet loss was due to contention... so if you
have random or other non-contention-related packet loss, your sessions will
slow to a crawl. In this case multiplexing might make things worse than
separate sessions... but you're probably just as screwed either way. What you
really need to do is just get them to fix the random packet loss problem you
probably have.

------
kentnl
+1 just for the multiplex magic, But then, I /would/ say that =)

That TTL thing is handy too, I'm sure I had some understanding of it
previously, but reading the article made me check my settings and made me
realize my timeouts were ridiculously low so even short disconnections killed
my session.

------
guac
For the proxy thing you may want to configure your applications to proxy DNS
requests as well. Some do not do it by default and would leak the hostnames
you're connecting to.

In firefox the about:config variable is "network.proxy.socks_remote_dns". Set
it to true.

------
surki
autossh [http://www.debianadmin.com/autossh-automatically-restart-
ssh...](http://www.debianadmin.com/autossh-automatically-restart-ssh-sessions-
and-tunnels.html)

------
luu
I wish cygwin supported multiplexing. Emacs + TRAMP is noticeably slower for
me when I'm running on Windows. Anyone have a good workaround or alternative?

------
joeshaw
See also: <http://news.ycombinator.com/item?id=1536126>

------
fragmede
'-t' is also useful if you have machines behind a NAT you want to get to: ssh
-t gateway.example.com ssh protected_machine

~~~
mooism2
Or you could add the following to your ~/.ssh/config instead:

    
    
        Host protected_machine other_protected_machine
        ProxyCommand /usr/bin/ssh gateway.example.com /bin/nc -w 3700 %h %p
    

(Assumes you have /bin/nc installed on your gateway.)

------
est
just to be clear, multiplexing happens on the client side, right? What's the
difference between multiplexing and ssh-proxy?

~~~
kentnl
Multiplexing is multiplexing. That is, encoding multiple data streams across
one channel. In our case, thats having a singular SSH connection from a to b,
but having multiple streams of bidirectional data flowing across that singular
connection. <https://secure.wikimedia.org/wikipedia/en/wiki/Multiplexing> So
no, multiplexing is started on the client side, and then it happens on server
side too. There has to be a multiplex ( many to 1 ) and demultiplex ( 1 to
many ) in order for "multiplexing" to occur.

