SSH tips & tricks

Nobutoshi Ogata

March 26, 2012

Transcript

  1. 3.
  2. 6.
  3. 7.
  4. 18.

    Remote login
    • ssh -l USER -i ~/.ssh/id_rsa REMOTE
    • Well, for just 1-2 machines you can probably put up with writing it this way ↑
    • Want to use different users
    • Want to use different keys
  5. 19.

    .ssh/config
    Host hoge
      HostName hoge.example.com
      IdentityFile ~/.ssh/id_rsa.hoge
      User hoge_user
    Host moge
      HostName moge.example.jp
      IdentityFile ~/.ssh/id_rsa.moge
      User moge_user
    # Host * applies to every host, so the agent is forwarded to all of them
    Host *
      ForwardAgent yes
      ServerAliveInterval 200
      ForwardX11 no
  6. 23.

    Reusing ssh-agent (2)
    ssh-reagent () {
      # Try each agent socket under /tmp until one answers
      for agent in /tmp/ssh-*/agent.*; do
        export SSH_AUTH_SOCK=$agent
        if ssh-add -l > /dev/null 2>&1; then
          echo "Found working SSH Agent:"
          ssh-add -l
          return
        fi
      done
      echo "Cannot find ssh agent - maybe you should reconnect and forward it?"
    }
  7. 25.

    Multi-hop SSH (2)
    $ ssh -o 'ProxyCommand ssh USER@GATEWAY -W %h:%p' USER@INNER_HOST
    Host *-proxy
      User user
      ProxyCommand ssh gateway -W %h:%p
    ※ Requires OpenSSH version 5.4 or later on the ssh client
    ※ The server-side version does not matter
  8. 26.

    Multi-hop SSH (3)
    Host host3
      ProxyCommand ssh host2 -W %h:%p
    Host host2
      ProxyCommand ssh host1 -W %h:%p
    Host host1
      User ore
    • With something like ↑ in place, just typing ssh host3 connects via host1→host2→host3
  9. 27.

    Multi-hop SSH (4)
    $ ssh -t GATEWAY ssh REMOTE
    • For when writing .ssh/config every time is too much of a hassle
    • Without -t, it is a little dangerous if the ssh from GATEWAY is, for example, sudo -u USER ssh REMOTE
  10. 29.

    Port Forwarding (2)
    $ sudo ssh -Nf -L80:HOST:80 GATEWAY
    • host:80 is forwarded to 127.0.0.1:80 via the gateway
    • For name-based virtual hosts, edit /etc/hosts accordingly
    • Access a web server that is reachable only via a bastion host from a local browser
  11. 30.

    Port Forwarding (3)
    • Use a mysql server that is reachable only via a bastion host from local
    $ ssh -Nf -L13306:HOST:3306 GATEWAY
    $ mysql -uroot -p -P13306 -h127.0.0.1
    • POP3 and the like can be forwarded the same way
  12. 31.

    Port Forwarding (4)
    • Send a large file from another host to a host that can only be reached via GATEWAY
    $ ssh -fCN -L 10022:TARGET:22 USER@GATEWAY
    $ rsync --bwlimit=25600 --progress -az -e "ssh -p 10022" /path/to/large/file localhost:~/
  13. 32.

    Transfer with resume
    $ rsync --partial --progress --rsh=ssh SOURCE_FILE USER@HOST:DEST_FILE
    $ rsync --partial --progress --rsh=ssh USER@HOST:SOURCE_FILE DEST_FILE
    • A transfer that needs resume presumably involves something large, so use --bwlimit as needed
  14. 33.

    Authentication and command restriction
    from="!foo.example.com,*.example.com",no-pty,command="ls" ssh-rsa AAAAB3NzaC1yc2EAAAADAQ.......
    • .ssh/authorized_keys
    • Things like 192.168.0.?, 192.168.0.* or 192.168.0.0/24 too
    • Only a key used from *.example.com other than foo can authenticate, no pseudo-terminal is allocated, and only ls gets executed
  15. 34.

    Remote Diff
    $ ssh USER@HOST cat /path/to/remotefile | diff /path/to/localfile -
    Remote Disk Mount
    $ sshfs USER@HOST:/path/to/folder /path/to/mount/point
  16. 35.

    Remote Command with screen
    $ ssh HOST screen -d -m /heavy/command
    Login with screen
    $ ssh -t HOST [ $STY ] || screen -rx || screen -D -RR
  17. 36.

    Copy a public key safely
    $ ssh-copy-id
    ssh to a large number of servers
    $ pssh -h hostlist.txt -i "grep -ri err /var/log"
    ※ http://freecode.com/projects/pssh
  18. 37.

    With zsh+tmux, ssh opens in a new window
    # ~/.zshrc
    if [ "$TERM" = screen ]; then
      function ssh_tmux() {
        eval server=\${$#}   # last argument, i.e. the host
        tmux new-window -n "$server" "exec ssh $*"
      }
      alias ssh=ssh_tmux
    fi
  19. 38.

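    SSH connection multiplexing
    # ~/.ssh/config
    ControlMaster auto
    ControlPath ~/.ssh/connections/%r@%h:%p
    • Normally there are many sshd processes on the server side
    • With ↑, a single sshd takes care of multiple ssh sessions
    • If the connection is already established, no authentication is needed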
  20. 39.

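    The encoding differs from server to server
    $ sudo (brew|port) install cocot
    $ cocot -t UTF-8 -p EUC-JP ssh HOST
    • There seems to be a cygwin version too
    • -t sets the character encoding of the terminal
    • -p sets the character encoding of the remote side
    ※ https://github.com/vmi/cocot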
  21. 40.

    From inside the company, the way out is open only via the PROXY!
    • Use stone
    OUTER$ sudo stone localhost:22 443
    INNER$ stone proxy.example.com:8080/http 10022 'CONNECT OUTER:443 HTTP/1.0'
    INNER$ ssh -p 10022 localhost
    ※ http://www.gcd.org/sengoku/stone/Welcome.ja.html
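
An added example, not part of the original slides: a Python sketch that parses an authorized_keys entry like the one on slide 33 (from=, no-pty, command=) and reports what it permits for a given client. The pattern matching is a simplified model of OpenSSH's pattern lists; the sample line, the placeholder key blob and all function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in the shape of the slide's entry; the key blob is a placeholder.
SAMPLE = ('from="!foo.example.com,*.example.com",no-pty,command="ls" '
          'ssh-rsa AAAAB3NzaC1yc2E-PLACEHOLDER constructed@example')

OPT = re.compile(r'([A-Za-z0-9-]+)(?:="((?:\\"|[^"])*)")?,?')

def parse_line(line):
    """Return (options, key type, key blob); commas inside quotes stay in the value."""
    line = line.strip()
    opts, i = {}, 0
    if not re.match(r"(ssh-|ecdsa-|sk-)", line):   # no leading key type: options first
        while i < len(line) and not line[i].isspace():
            m = OPT.match(line, i)
            if not m:
                raise ValueError(f"bad option at column {i}")
            opts[m.group(1).lower()] = True if m.group(2) is None else m.group(2)
            i = m.end()
    ktype, blob = line[i:].split()[:2]
    return opts, ktype, blob

def _glob(pattern, text):
    """Match with only '*' and '?' as wildcards, case-insensitively."""
    rx = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(rx, text, re.I) is not None

def from_allows(pattern_list, host, addr):
    """True if host/addr matches a positive pattern and no negated ('!') one."""
    allowed = False
    for pat in (p.strip() for p in pattern_list.split(",")):
        negated, pat = pat.startswith("!"), pat.lstrip("!")
        if "/" in pat:                              # CIDR form, e.g. 192.168.0.0/24
            hit = ipaddress.ip_address(addr) in ipaddress.ip_network(pat, strict=False)
        else:
            hit = _glob(pat, host) or _glob(pat, addr)
        if hit and negated:
            return False                            # a negated match always rejects
        allowed = allowed or hit
    return allowed

def audit(line, host, addr):
    """Summarise what one key entry permits for a client at host/addr."""
    opts, ktype, _ = parse_line(line)
    return {"key_type": ktype,
            "source_allowed": from_allows(opts["from"], host, addr) if "from" in opts else True,
            "forced_command": opts.get("command"),
            "pty": "no-pty" not in opts}
```

Running audit() over every line of an authorized_keys file shows which keys have no source restriction, no forced command, or still allow a pty.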