Currently i invoke the following:
$ ssh <a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="7a171f3a1215090e54191517">[email protected]</a> my_cmd
This is slow and not easy to automate safely.
I would like to establish ssh connection once and have some script that will forward my commands to host.com and print output.
Is that possible ?
Adding my machine to authorized_keys is not an option for me and it wouldn’t solve slowness issue.
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
The feature is called ControlMaster which does multiplexing over one existing channel. It causes ssh to do all of the key exchanges and logging in only once; thus, the later commands will go through much faster. You activate it using these three lines in your .ssh/config:
Host host.com ControlMaster auto ControlPath ~/.ssh/master-%C # for openssh < 6.7 you need to use this one: # ControlPath ~/.ssh/master-%<a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="b8caf8">[email protected]</a>%h-%p ControlPersist 5m
You can adjust it to your needs; one alternative is that you could open one master connection that stays open during your other commands; then you would not need ControlPersist.
There are many possibilities with this feature to tweak, but make sure you store your ControlPath socket in a safe place, not readable by other users, otherwise it could be misused.
More info can be found in the ssh_config(5) manual page.
Method 2
If you have control of the machine to the point that you are automating tasks on it, then why is adding your key to authorized_keys not an option?
ssh-copy-id -i ~/.ssh/foo <a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="cdbea2a0a8a5a2beb98da8b5aca0bda1a8e3aea2a0">[email protected]</a>
Then you don’t have to enter a password every time you connect.
If the biggest problem is that connections take a long time to connect, you could reuse a single connection by adding control master to your ssh config. Leave that one connection running, an any subsequent connections will be nearly instantaneous.
Host * ControlMaster auto ControlPath ~/.ssh/sockets/%<a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="285a68">[email protected]</a>%h-%p ControlPersist 600
https://puppetlabs.com/blog/speed-up-ssh-by-reusing-connections
In the long run, if you are automating tasks, you are proabably better off using an automation framework that handles establishing the connection for you, like :
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0