[ale] ssh is amazing ...

Jim Kinney jim.kinney at gmail.com
Mon Dec 29 13:23:59 EST 2014 

On Mon, 2014-12-29 at 11:04 -0500, JD wrote:
> Let's get some helpful discussions going.
> 
> ssh is one of the few tools that is both more secure AND more convenient.
> ssh is enough for
> * secure remote access to files via sftp
> * secure remote filesystem access via sshfs

Setting this up now to make use of some remote storage.

> * secure remote CLI/shell access to systems with plain ssh

My job would SUCK without this!

> * secure remote desktop access via x2go/freenx (about 2x faster than VNC/RDP)

Great way to access the web gui of remote consoles hidden behind a
firewall on a seperate LAN segment.

> * secure remote file replication with rsync (ssh is the default rsync protocol)

Did not know it was the default now. I guess I can drop the -e ssh :-)

> * secure port forwarding of selected ports

The only way I've ever know. It can be confusing to first wrap the head
around but eventually is makes sense. Very powerful.

> * secure remote editing with vim/gvim and other editors
> * pseudo-VPN with sshuttle <-- this may be helpful.

Must look into this.

> 
> Would love it if folks shared their solution for one of the above situations
> using ssh.
> 
> Here's mine for remote editing:
> $ vim rsync://devsrv/~userid/.bashrc
> 
> 
> Try it now, see it work.  gvim works too, as do other, select, editors.
> 
> ================================================================
> 
> Don't forget about the ~/.ssh/config file to make life easier.  An example
> stanza (no limit on different stanzas or global options):
> # -------------------------
> host firewall
>   user user5464292
>   hostname 172.28.1.200
>   # hostname somefunnyname.dyndns.org
>   port 62029
> 
> # Add more host-aliases and stanzas here
> # -------------------------
> 
> All ssh-based connections to 'firewall' will look up the information in this
> config file and fill it in automatically.  Works for rdiff-backup, rsync, ssh,
> sshfs, scp, sftp, and other tools.  username, hostname/IP, port is handled for
> us. No more wondering if specifying the port is -p or -P!  No more need to
> remember the remote userid or remote IP/hostname. Use the alias (firewall), save
> typing, and be happy.

OK. The config is new to me. I've been hacking up connect scripts for
years as, well, bash scripts that need a password at some point. This
just makes it all a warm happy moment. Cool! I'm sure I've read the man
pages for ssh many, many times. Not sure why I never realized the
simplicity of the config file.

> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

More information about the Ale mailing list