1 |
On 21.05.2015 10:49, Paul Tobias wrote: |
2 |
> On 20 May 2015 22:08, "Stefan G. Weichinger" <lists@×××××.at> wrote: |
3 |
>> |
4 |
>> alias abcd-server='ssh -p 51023 174.183.26.11' # demo only |
5 |
> |
6 |
> Instead of aliases, you can put this into ~/. ssh/config: |
7 |
> Host abcd |
8 |
> Port 51023 |
9 |
> Hostname 174.183.26.11 |
10 |
> |
11 |
> And then you can simply do this: |
12 |
> ssh abcd |
13 |
> |
14 |
> As a bonus, the host abcd will work with scp and rsync too. |
15 |
|
16 |
Yes, I knew of that. |
17 |
|
18 |
I have to think what is better ... maybe really your suggested way of |
19 |
doing it. |
20 |
|
21 |
I just have to "convert" my aliases once ... |
22 |
|
23 |
> You can |
24 |
> check man ssh_config for some other options to use, for example the |
25 |
> User is very useful too. Here are some more tricks: |
26 |
> https://blog.flameeyes.eu/2011/01/mostly-unknown-openssh-tricks |
27 |
> |
28 |
> There is a package net-misc/keychain which is useful to add your keys |
29 |
> to the agent, and handles gpg keys too. |
30 |
|
31 |
I have that on my systems, yes. |
32 |
|
33 |
> Also note that most ssh servers allow only 3-5 authentication |
34 |
> attempts, so if you have more than 2 keys in your agent, then |
35 |
> connecting to a server with password authentication might fail. |
36 |
|
37 |
ok, good to have that in mind, yes |
38 |
|
39 |
> If you need to keep security boundaries but don't want to give up the |
40 |
> convenience of ssh agent forwarding then you can use ssh-ident, as |
41 |
> described here: http://rabexc.org/posts/pitfalls-of-ssh-agents |
42 |
> (unfortunately no gentoo package for that one, but it's just a single |
43 |
> python file). |
44 |
|
45 |
thanks! nice hints ... I will take a closer look later when I fixed that |
46 |
logjam-stuff on web and mailservers .... |
47 |
|
48 |
nice day to you as well, Stefan |