Posts Tagged ‘Ubuntu’

Mux Multiple SSH Connections to the Same Host

8 Dec 2008

Or: Connecting Multiple SSH Clients Over One Connection

Motivation

I love the command-line. If you get a peek at my computer monitor, you’ll like see a web browser and many, many terminal windows. I connect to many “headless” hosts via SSH and live in text mode. However, I don’t love cluttering system logs or slow SSH startup times. Both can be alleviated in part by multiplexing (“muxing”) multiple SSH connections, which can be easily configured in OpenSSH.

After completing this lab, I also found that it solved another problem: I can now shell into a host multiple times with just one authentication request, even in the case where the host does not currently accept SSH keys. Type the password once on the first SSH connection, and all following SSH connections are connected without a password (or course, exercise caution)!

Using

  • OpenSSH on Ubuntu 8.10 (`ssh -V` shows OpenSSH_5.1p1 Debian-3ubuntu1, OpenSSL 0.9.8g 19 Oct 2007)
  • a UNIX-like system running sshd

Setup

Linux Journal‘s Dec 2008 issue (thanks for the free SC08 issue!) provides a “Tech Tip” on p. 31. In ~/.ssh/config:

Host *
    ControlMaster auto
    ControlPath ~/.ssh/master-%r@%h:%p

You may want to make it read-able only by yourself for privacy (write-able too):

$ chmod 600 ~/.ssh/config

To activate it, just run ssh as usual, e.g.

$ ssh targethost

Done.

Results

I connected to the same host with 4 different terminals before and after using this SSH config.

Notice 4 remote host sshd processes before SSH muxing:

username@remote-host:~$ ps x
  PID TTY      STAT   TIME COMMAND
 4235 ?        S      0:00 sshd: username@pts/0
 4236 pts/0    Ss+    0:00 -bash
 4352 ?        S      0:00 sshd: username@pts/1
 4353 pts/1    Ss+    0:00 -bash
 4468 ?        S      0:00 sshd: username@pts/2
 4469 pts/2    Ss     0:00 -bash
 4584 ?        S      0:00 sshd: username@pts/3
 4585 pts/3    Ss+    0:00 -bash
 4648 pts/2    R+     0:00 ps x

Notice 1 remote host sshd process after SSH muxing:

username@remote-host:~$ ps x
  PID TTY      STAT   TIME COMMAND
 4922 ?        S      0:00 sshd: username@pts/0,pts/1,pts/2,pts/3
 4923 pts/0    Ss+    0:00 -bash
 4972 pts/1    Rs     0:00 -bash
 5022 pts/2    Ss+    0:00 -bash
 5070 pts/3    Ss+    0:00 -bash
 5438 pts/1    R+     0:00 ps x
 5439 pts/1    D+     0:00 -bash

The system log at /var/log/auth.log (remote host) also shows only 1 login with the new configuration (of course, there were 4 before…). This means you only have to authenticate once for all 4 SSH connections!

Discussion

This requires a relatively recent version of OpenSSH. I found it didn’t work on a Red Hat Enterprise Linux 4 machine (OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003). OpenSSH will likely complain loudly if it doesn’t understand your config.

If your home directory is mounted across multiple hosts, you’ll probably want to add the local host (%l – “percent ell”) to the ControlPath. This will ensure each host can properly access the proper sshd process. Here is such a config file:

Host *
    ControlMaster auto
    ControlPath ~/.ssh/master-%l-%r@%h:%p

I did come across one drawback: the first ssh process waits for other ssh processes to exit (naturally). For example, suppose you have 4 terminals open which you use to shell 4 times into the same host. If you close the SSH on the first terminal, it will wait until the other 3 SSH processes exit. When this happens, you’ll notice that SSH will close but not return to your normal shell.

You can make this a system-wide configuration by placing these directives in /etc/ssh/ssh_config. Use this advice at your own risk, and proceed with caution. I won’t be responsible if you jack up your SSH config!

If you’d like to avoid this config but you’d like to have multiple shells on a remote host with one SSH connection, look into GNU screen. I like screen a lot, but I also like the option of having multiple terminal windows for the same host.

Further Reading

Advertisements