ssh

Differences

This shows you the differences between two versions of the page.

ssh [2011/07/21 15:05] – created k2patelssh [2021/06/08 20:07] (current) – [Tips & Tricks] k2patel
Line 4: Line 4:
  
 From ssh2 to openssh From ssh2 to openssh
-<code>+<code bash>
 ssh-keygen -i -f id_dsa.pub > id_dsa_open.pub ssh-keygen -i -f id_dsa.pub > id_dsa_open.pub
 </code> </code>
  
 From OpenSSH to ssh2 From OpenSSH to ssh2
-<code>+<code bash>
 ssh-keygen -e -f id_dsa.pub > id_dsa_ssh2.pub ssh-keygen -e -f id_dsa.pub > id_dsa_ssh2.pub
 +</code>
 +
 +==== SCP Speed UP ====
 +
 +To increase speed on transfer you can force cipher to arcfour.\\
 +You can use same mechanism with rsync when you use ssh encapsulation. \\
 +<code bash>
 +scp -c arcfour <source> <destination>
 +</code>
 +
 +<code bash>
 +rsync -av -e "ssh -c arcfour -l <username>" <Source> <Destination>
 +</code>
 +
 +<html>
 +<span style="color:red">NOTE:</span> THis reduce your security though
 +</html>
 +
 +
 +==== SSH Tunnels ====
 +
 +=== Forward Tunnel ===
 +It is used when you want to forward local port to remote port over SSH.
 +<code bash>
 +ssh -f -N -L 5445:localhost:5432 root@<machine>
 +</code>
 +
 +=== Reverse Tunnel ===
 +It is used when you want to forward Remote Port to Local Port.\\
 +Usually used to allow access other way around.
 +
 +<code bash>
 +ssh -f -N -R 5445:localhost:5432 root@<machine>
 +</code>
 +
 +==== SSH Agent automation ====
 +
 +Undefine existing value and define new value in session.\\
 +This also keep the value same since nothing is changing.
 +
 +<code bash | .screenrc>
 +    unsetenv SSH_AUTH_SOCK
 +    setenv SSH_AUTH_SOCK $HOME/.screen/ssh-auth-sock.$USERNAME
 +</code>
 +    
 +Each call of screen command will overwrite the existing symlink.
 +
 +<code bash | .bashrc>
 +    _ssh_auth_save() {
 +            ln -sf "$SSH_AUTH_SOCK" "$HOME/.screen/ssh-auth-sock.$USERNAME"
 +    }
 +    alias screen='_ssh_auth_save ; screen'
 +</code>
 +
 +Now add key to your session with "ssh-add".\\
 +That should do it.
 +
 +
 +==== Tips & Tricks ====
 +
 +== Show fingerprint of key ==
 +<note important>You can use -v to print random ASCII Image</note>
 +
 +<code bash>
 +# Using -E can specify MD5 has which mostly require to compare
 +ssh-keygen -lf .ssh/OLD/id_rsa.pub.old
 +</code>
 +OR
 +<code bash>
 +ssh-keygen -l -F ip.k2patel.in
 +</code>
 +
 +It will print for all public key in single file if there is multiple key in it.\\
 +Also, it is usefull in identifying MITM Attack by comparing against your known host.\\
 +
 +== Print fingerprint on login ==
 +You can enabled printing of server key by setting following variable.\\
 +<note tip>you can setup on any of following file /etc/ssh/ssh_config OR .ssh/config</note>
 +<code bash>
 +VisualHostKey yes
 +</code>
 +
 +== Run Command from file Remotely ==
 +Place all your command in xyz file. And run as follows
 +<code bash>
 +ssh -l k2patel nice.k2patel.in "`cat xzy`"
 +</code>
 +
 +== Comment on public key ==
 +You can control comment on public key during generation using following command.
 +
 +<code bash>
 +ssh-keygen -t rsa -C "k2patel rsync to remote server xyz" -f .ssh/remote_xyz
 +</code>
 +
 +== Temporarily disable ssh key forwarding ==
 +This will disable key forwarding, while login with the key.
 +<code bash>
 +ssh yahoo.com -i .ssh/id_ed25519 -o IdentitiesOnly=yes -F /dev/null -l ketan
 </code> </code>
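Review bot: In the "SCP Speed UP" section the two commands that force `-c arcfour` come before the only caveat, an inline red NOTE that says just "THis reduce your security though", so a reader who copies the scp or rsync line never learns what is being given up. Move the warning above the commands, use the `<note important>` markup that "Show fingerprint of key" already uses instead of raw `<html>`, and state that arcfour is RC4, a weaker cipher chosen here only for throughput. Two smaller points further down the same hunk: "Run Command from file Remotely" tells the reader to place commands in `xyz` but the command runs `cat xzy`, so the file names should match; and "Temporarily disable ssh key forwarding" carries no forwarding option, its effect depends on `-F /dev/null` discarding the whole client config, so if agent forwarding is what is meant, an explicit `-o ForwardAgent=no` would state the intent without dropping the user's other settings.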
ssh.1311260702.txt.gz · Last modified: 2020/08/10 02:29 (external edit)