ssh config: Difference between revisions
mNo edit summary |
No edit summary |
||
Line 54: | Line 54: | ||
Host dm2 | Host dm2 | ||
Hostname datamover2 | Hostname datamover2 | ||
</syntaxhighlight> | |||
== X Forwarding == | |||
If you want to automatically enable X forwarding, you can add | |||
<syntaxhighlight lang="text" enclose="div"> | |||
ForwardX11 yes | |||
ForwardX11Trusted yes | |||
</syntaxhighlight> | |||
to the hosts that you want to enable the X forwarding for. It's generally a [https://padraic2112.wordpress.com/2007/07/09/bad-security-201-remote-x-sessions-over-ssh/ Bad Idea] to enable it for all hosts, so only enable it for the hosts that you trust and will be fordwarding X from. If this is the MATH machines, then the snippet from the top becomes | |||
<syntaxhighlight lang="text" enclose="div"> | |||
# MATH hosts | |||
Host belize thelon winisk kazan zambezi plata fe101 fe105 fe107 cpu105 cpu111 cpu113 cpu119 cpu121 cpu123 cpu125 cpu127 | |||
HostName %h.math.uwaterloo.ca | |||
ForwardX11 yes | |||
ForwardX11Trusted yes | |||
</syntaxhighlight> | </syntaxhighlight> |
Revision as of 17:05, 2 August 2013
You can use the ssh configuration file to save typing the full host name most of the time. For example, "ssh belize" is faster than "ssh belize.math.uwaterloo.ca".
The basics
Create the file ~/.ssh/config, and add the following:
# MATH hosts
Host belize thelon winisk kazan zambezi plata fe101 fe105 fe107 cpu105 cpu111 cpu113 cpu119 cpu121 cpu123 cpu125 cpu127
HostName %h.math.uwaterloo.ca
# SHARCNET hosts
Host kraken orca requin saw angel dtn gulf hound lundun mako megamouth monk tope bramble brown goblin gulper guppy iqaluk prism redfin school wobbie
HostName %h.sharcnet.ca
then change permissions on that config file to be only readable by your user,
chmod 600 ~/.ssh/config
and you'll be able to ssh directly to all of those hosts by just using the main name.
SciNet
SciNet has a login node that you need to login to first before you can access the transfer/development nodes. You can shortcut this process with a few more lines your ~/.ssh/config file. The following lines make sense for any machine outside of SciNet (your laptop, belize, etc).
# SciNet
Host scinet sci
HostName login.scinet.utoronto.ca
Host dm1 datamover1
Hostname datamover1
ProxyCommand ssh scinet -W %h:%p
Host dm2 datamover2
Hostname datamover2
ProxyCommand ssh scinet -W %h:%p
Host gpc*
ProxyCommand ssh scinet -W %h:%p
For the ~/.ssh/config file on your SciNet account, you do not want to include the proxy commands. It only makes sense to include the aliases:
# SciNet
Host scinet sci
HostName login.scinet.utoronto.ca
Host dm1
Hostname datamover1
Host dm2
Hostname datamover2
X Forwarding
If you want to automatically enable X forwarding, you can add
ForwardX11 yes
ForwardX11Trusted yes
to the hosts that you want to enable the X forwarding for. It's generally a Bad Idea to enable it for all hosts, so only enable it for the hosts that you trust and will be fordwarding X from. If this is the MATH machines, then the snippet from the top becomes
# MATH hosts
Host belize thelon winisk kazan zambezi plata fe101 fe105 fe107 cpu105 cpu111 cpu113 cpu119 cpu121 cpu123 cpu125 cpu127
HostName %h.math.uwaterloo.ca
ForwardX11 yes
ForwardX11Trusted yes