azarus' page

SSH recommendations

Date: 2018-09-06

I realized how inconvenient and what a hassle it is to use ssh with its default settings, so here's what I use to save my fingers from typing lots.


You certainly use public-key based authentiation in SSH with locally encrypted keys (right?). If you're wondering how people keep sane when entering their key password multiple times daily: They don't. They use ssh-agent, which is provided with OpenSSH. To make it start and be the same across all your shell sessions, here's a fragment of my ~/.kshrc:

export SSH_AUTH_SOCK=~/.ssh/ssh-agent.sock
ssh-add -l 2</dev/null >dev/null
if [ $? -ge 2 ]; then
	ssh-agent -a "$SSH_AUTH_SOCK" >/dev/null

To make ssh-agent add your keys when you first use them in the session, add this in your ~/.ssh/config:

AddKeysToAgent yes

SSH multiplexing

SSH connections take a while to establish, and waiting for things to happen is just so... 80s. So the clever folks who invented and wrote the SSH protocol added a handy feature: multiplexed connections.

When using a multiplexed connection, any subsequent connection is initialized almost instantaneously, since there is no need for:

And thus, multiplexing is very handy for when you want to use multiple or many SSH sessions subsequently. To enable them (which I recommend), add to ~/.ssh/config:

ControlMaster auto
ControlPath ~/.ssh/cm-%r@%h:%p
ControlPersist 10m


Everything described here is also (of course) documented in the ssh man page (also see the "see also" section) provided with OpenSSH.