Don’t enter any passphrase, just press an ENTER key. You don’t want to provide it everytime you are trying to establish a connection, don’t you?
That’s quite dangerous advice. You should still have a strong password on your private key file and use an agent to avoid having to type the password every time you use the key.
Such a setup allows me to not rely on the system resolver for hostname lookups. It works by canonicalizing hostnames and then re-reading the configuration file. You can see how this is done with -v and how options are applied. But most importantly, it allows me to easily overwrite the default options for some hosts. Something that does not “just works” without the CanonicalizeHostname option.
Host gerrit.domain.tld
User birkelund
Port 29418
KexAlgorithms +diffie-hellman-group1-sha1
IdentityFile ~/.ssh/id_rsa
After reading this I looked up the Compression & ControlMaster options only to find out that I didn’t know of ProxyCommand. I’d aliased my ssh remotes from config and I just type:
$ <nameofhost>
<nameofhostbehind> # while first one loads
And I get in the second one immediately. My hosts are usually 3 or 4 char long so this whole process was ok. But now can just type once. A minor time saver but cool nonetheless. How did I not know of ProxyCommand in ssh config? 🤦🏻♂️
That’s quite dangerous advice. You should still have a strong password on your private key file and use an agent to avoid having to type the password every time you use the key.
Beyond dangerous. Completely ignorant.
I’ve found that the Canonicalize-family of options are my best friends.
This allows me to do stuff like
Such a setup allows me to not rely on the system resolver for hostname lookups. It works by canonicalizing hostnames and then re-reading the configuration file. You can see how this is done with
-vand how options are applied. But most importantly, it allows me to easily overwrite the default options for some hosts. Something that does not “just works” without theCanonicalizeHostnameoption.Reading such articles makes me question… am the the only one who reads manpages? ssh_config(5) and ssh-keygen(1) are my favourite.
After reading this I looked up the
Compression&ControlMasteroptions only to find out that I didn’t know ofProxyCommand. I’d aliased my ssh remotes fromconfigand I just type:And I get in the second one immediately. My hosts are usually 3 or 4 char long so this whole process was ok. But now can just type once. A minor time saver but cool nonetheless. How did I not know of
ProxyCommandin ssh config? 🤦🏻♂️I hate this is called a “trick”. It seems very clickbait to me. Better title: “Top 10 SSH tricks GONE SEXUAL (PRANK)”.