SSH


Secure Shell, of course. Besides the obvious OpenSSH link, this page will hold some of the less obvious (and more useful) stuff:

Resources:

Essentials:

  • DenyHosts – block script kiddies and other pests from trying to do dictionary-based attacks on your server (on the internet, nobody knows that you only use key-based authentication – not even morons).

HOWTOs:

Tools:

Clients:

Libraries:

Useful tricks:

Automatic session forwarding

If you routinely need to access a host behind another (or a VM inside a host), this is a relatively painless way to do so (won’t allow you to do SFTP, though, since that’s a different subsystem):

cat ~/.ssh/authorized_keys | grep command
command="ssh [email protected]" ...rest of key

Keepalives

Using the built-in keepalive feature to maintain tunnels with a TCP keepalive and a 30s internal (in-band) client active check (will try 10 times before disconnecting):

KeepAlive yes
ClientAliveInterval 30
ClientAliveCountMax 10

Speeding up connections to the same host (thanks to Melo):

$ head -3 ~/.ssh/config
Host *
  ControlMaster auto
  ControlPath /tmp/501/mux-%h-%p-%r

(on my machine the socket file is in 502 – more similar tips here)