From Network Security Wiki

Secure Shell (SSH) Tips & Tricks:

Passwordless SSH Aunthentication

ssh-keygen  [Press enter key 3 times]                          # Generate SSH key pair (public + private key)
ssh-copy-id -i ~/.ssh/ -p 2222      # Copy Public key to remote server's password:xxxxxxxxxxx
ssh -p 2222                                   # Test connectivity

Add the following to .bashrc file:

alias easyssh='sshpass -p passwd ssh -p 2222'

But this may be a security issue as password can be found from logs & this file.

MySQL connection over SSH tunnel

ssh -f -L -N

Then at localhost:

mysql -h -P 3307 -u dbuser -p db

Use Key-less SSH login to skip password entry.

Copy files via SSH

sshpass -p nsroot scp -rp nsroot@ conf.txt

Disable SSH timeout

Completely disable SSH timeout

sudo nano /etc/ssh/sshd_config
  TCPKeepAlive yes
  ClientAliveInterval 30
  ClientAliveCountMax 99999
sudo service sshd restart

Password from LAN, Key from Internet


sudo nano /etc/ssh/sshd_config
# require a key for everybody
PasswordAuthentication no

# any member of the group 'downstairs' can log in without a key
# while connecting from the subnet 
Match Address Group downstairs
    PasswordAuthentication yes

{{#widget:DISQUS |id=networkm |uniqid=SSH |url= }}