Tuesday, March 1, 2016

SSH: How to Simplify Connection Using Configuration Files

ssh (SSH client) is a program for logging into a remote machine and for executing commands on a remote machine. ssh obtains configuration data from the following sources in the following order (for each parameter, the first obtained value will be used):
  1. command-line options
    • If a configuration file is given on the command line (i.e., ssh -F ), the system-wide configuration file (/etc/ssh/ssh_config) will be ignored
  2. user's configuration file
    • ~/.ssh/config
  3. system-wide configuration file
    • /etc/ssh/ssh_config
In this article, we will focus on the specifications of directives via ssh's configuration file (specifically user's configuration file).

Advantages of Using Configuration File


There are some advantages of using configuration file to specify ssh directives:
  1. Can use shorthand to avoid long keystrokes
  2. Avoid mistakes
    • Especially when you have lots of parameters to be specified and/or some of them using non-standard connection values.
  3. Can provide options in different scopes (per-host vs per-user)

User's Configuration File


Here are the sample contents from a user's configuration file (i.e., ~/.ssh/config):
Host dev
    HostName dev.example.com
    Port 22000
    User fooey
Host github.com
    IdentityFile ~/.ssh/github.key
Instead of specifying:
  • ssh fooey@dev.example.com -p 22000

now you can just use the shorthand "dev" and the options will be read from the configuration file:
  • ssh dev

Ssh session normally will prompt you for a password. However, you can also set up public/private keys for password-less logins.[4]

Format of Configuration File


To get you started, here are the basics:[3]
  • Section
    • Separated by "Host" specifications
      • A single ‘*’ as a pattern can be used to provide global defaults for all hosts
        • See here for more information on patterns
      • The matched host name is usually the one given on the command line
  • Comment
    • Empty lines and lines starting with ‘#’ are comments.
  • Keyword
    • Case-insensitive
    • Examples
      • Host, Match, etc.
  • Directive/Argument
    • Directive
      • Used to specify session details including:
        • Identity
          • Username
        • Bind address
          • [bind_address:]port:host:hostport
        • Address family
          • any”, “inet” (use IPv4 only), or “inet6” (use IPv6 only)
        • Other options
      • See the directive reference here
    • Argument
      • Arguments are case-sensitive
      • Arguments may optionally be enclosed in double quotes (") in order to represent arguments containing spaces.

/var/log/secure


Linux has an extensive set of log files under the /var/log directory.[5] This directory is the central place where all applications and programs put their log files. Most log files are text files that can be viewed using a standard text editor.

/var/log/secure – This file contains all security related messages on the system. This includes authentication failures, possible break-in attempts, SSH logins, failed passwords, sshd logouts, invalid user accounts etc.

-rw------- 1 root root 3091237 Sep 14 11:54 secure
-rw------- 1 root root 2429153 Aug 18 01:50 secure-20130818
-rw------- 1 root root 4695728 Aug 25 03:29 secure-20130825
-rw------- 1 root root 12348973 Sep 1 02:24 secure-20130901
-rw------- 1 root root 7211819 Sep 8 01:22 secure-20130908


As shown above, old secure files are archived periodically with their name annotated with the date. 
/var/log/messages – This file contains messages of various programs and services including the SSH server.[6,7] Old message files are also archived periodically with their name annotated with the date.

References

  1. How to Keep Alive SSH Sessions
  2. Simplify Your Life With an SSH Config File
  3. ssh_config(5)
  4. How do I set up ssh so that I don't have to use a password? (Xml and More)
  5. 20 Linux Log Files that are Located under /var/log Directory
  6. How do I debug SSH problems?
  7. Difference between /var/log/messages, /var/log/syslog, and /var/log/kern.log?
  8. Verifying SSH Key Fingerprint and More (Xml and More)

No comments: