ServersTip of the Trade: OpenSSH Speed Tips and Tricks

Tip of the Trade: OpenSSH Speed Tips and Tricks

ServerWatch content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.




Although using public key authentication instead of passwords is a great method for increasing the security of SSH transfers, transferring SSH identity keys can be a royal pain. First, you create your key pairs; then, you copy the public key into the correct locations on all the machines you want to log into. The keys must be in a particular format, and you must go into the correct directory with the correct permissions. Fortunately, ssh-copy-id, a slick utility included with OpenSSH, makes it easy.

Using public key authentication is a great way to make SSH transfers more secure. Transferring SSH identity keys can be a royal pain, however. Fortunately, ssh-copy-id, a slick utility included with OpenSSH, simplifies the process.

SSH is a secure remote administration utility with a seemingly endless variety of clever shortcuts and capabilities. For example, you can log in and execute a remote command with a single command, rather than first logging in and then typing the command:

This is a fun example that also demonstrates a little gotcha- ls ~ will list Carla’s home directory, not Terry’s. If you want to see Terry’s home directory you must specify ls /home/terry. You can do this with any one-off command, such as starting a backup script, viewing running processes or printing a document.

$ ssh-copy-id -i  id_rsa.pub terry@host2 

ssh-copy-id copies identity keys in the correct format, makes sure file permissions and ownership are correct, and ensures a private key is not accidentally copied.

Using key-based authentication instead of passwords means you don’t have to give away system passwords. To make it easier to manage multiple remote systems, you can give your keys any arbitrary names you want when you create them, like this:

$ ssh-keygen -t rsa -f id_apacheserver

When you connect, you simply name the correct key:

$ ssh -i id_apacheserver carla@host.alrac.net

Finally, don’t forget the wonderful sshfs command for mounting an entire remote filesystem. It’s much faster and easier than setting up a Samba or NFS server. First, create a local directory for the mountpoint, then fetch your remote filesystem:

$ sshfs hostname:/remotedir localdir/

Now, you can operate on the remote files as if they were local.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends & analysis

Latest Posts

Related Stories