[nycbug-talk] SSH client session multiplexing

Jesse Callaway jesse
Mon Jul 26 11:58:40 EDT 2004



On Jul 25, 2004, at 11:21 PM, Okan Demirmen wrote:

> On Sun 2004.07.25 at 21:53 -0400, pete wright wrote:
>> heh...maybe i can't read :)  sorry 'bout that.  i think i'm a bit 
>> foggy
>> on how screen and multiplexing differ.  i guess it's one of those
>> things i'll just have to do eh?  so how do you config your sshd and 
>> ssh
>> conf's to utilize multiplexing, i'm intrigued.  i'll look it up, but
>> are there any hints to get one started?
>
> well, while we wait on the list server to spit out our mails...here is 
> an
> example ~/.ssh/config that kinda shows what one can do...and check your
> tcp states while you're at it - all over one session.
>
> # create multiplexed session and a local forward
> Host myhost
>         HostName myhost.example.com
>         ControlMaster yes
>         ControlPath ~/.ssh/myhost-ctrl
>         LocalForward 2201 10.1.1.1:22
>
> # ssh to myhost over session
> Host myh
>         ControlPath ~/.ssh/myhost-ctrl
>
> # ssh to myhost with X forwarding over the same session
> Host m-X
>         ControlPath ~/.ssh/myhost-ctrl
>         ForwardX11 yes
>
> # ssh to local forward via session
> Host m-2201
>         ControlPath ~/.ssh/myhost-ctrl
>         HostName localhost
>         Port 2201
>
> # ssh and create a new local forward
> Host m-2202
>         ControlPath ~/.ssh/myhost-ctrl
>         LocalForward 2202 10.1.1.2:22
>
>
> -- 
> Okan Demirmen <okan at demirmen.com>
> PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934
> PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934

ad-hoc port forwarding can be done at the 'ssh prompt'. You can get 
this by sending break-C, or ~C on my computer. So if you do the magic 
key sequence while a session has been established you get a prompt 
where you can do:

ssh> -L 1000:mail.theholymountain.com:25
ssh> -L 1001:mail.theholymountain.com:143

and point your mail client to localhost:1000 for the SMTP server and 
same deal for the IMAP server. Though I like Okan's numbering scheme 
for the local ports. Furthermore, I wouldn't have to type all of this 
crap in every time. I'm glad to have seen your example otherwise I 
would have blown it off. This is a real time saver.






More information about the talk mailing list