Making SSH easy
Tim Dysinger put up a great article the other day about simplifying Rails app deployment. He briefly goes over some of the SSH configuration options that you can use to simplify things, particularly when using ssh-agent. There are a few other things that I use to greatly simplify my life, particularly since I use ssh for almost all of my work, not just deployments.
- Automatically load up ssh-agent and prepare your keys on login.
OSX and most Linux desktop environments (Gnome, KDE, etc) have a “keyring” that stores system passwords and things for you in a relatively secure fashion. You unlock the keyring with a master password and you get access to stored passwords. ssh-agent can interact with these keyrings to automatically load up your ssh keys at login. You just unlock the keyring once, and your keys are all ready to go.
- Use short names in your .ssh/config
Sometimes you’ll be stuck working on servers with extremely long names. Or, worse yet, servers with no DNS name at all where you have to remember the IP address. In this case, you can use a host/hostname combination in your .ssh/config file to give you an easy to type name.
host = shortname hostname = reallylong.nameplusdomain.comAnd, for bonus points, if your current login name doesn’t match the remote login name, you can add a user = remotename line. Now, instead of typing:
ssh remotename@reallylong.nameplusdomain.com
I can just do:
ssh shortname - This last one is a potential security risk, but it can be handy when you’re deploying to a machine who’s host key changes regularly. I run into this all the time when preparing new release candidates of our Rails Boxcar images at work. I add stricthostkeychecking = no to my config. If I connect to the same server multiple times and it has a different host key (or no host key stored locally yet) I won’t have to manually approve it. Particularly handy in conjunction with Capistrano since cap will usually choke and exit with an error instead of prompting you with the “Add host key” message.
