[nycbug-talk] SSH client session multiplexing

Okan Demirmen okan
Tue Jul 27 09:23:31 EDT 2004 

On Mon 2004.07.26 at 11:58 -0400, Jesse Callaway wrote:
> 
> On Jul 25, 2004, at 11:21 PM, Okan Demirmen wrote:
> >
> ># create multiplexed session and a local forward
> >Host myhost
> >        HostName myhost.example.com
> >        ControlMaster yes
> >        ControlPath ~/.ssh/myhost-ctrl
> >        LocalForward 2201 10.1.1.1:22
> >
> ># ssh to myhost over session
> >Host myh
> >        ControlPath ~/.ssh/myhost-ctrl
> >
> ># ssh to myhost with X forwarding over the same session
> >Host m-X
> >        ControlPath ~/.ssh/myhost-ctrl
> >        ForwardX11 yes
> >
> ># ssh to local forward via session
> >Host m-2201
> >        ControlPath ~/.ssh/myhost-ctrl
> >        HostName localhost
> >        Port 2201

^^^ this one doesn't work ^^^ in a hast, i didn't bother reading
over the config before i sent it, and while just cleaning out my
mailbox, i scanned through and noticed the error in my way ;) the
"ssh to local forward via session" example entry doesn't work as
it looks like it should...basically, one needs to remove the
ControlPath and this will allow one to ssh to the locally forwarded
prot, otherwise, if one leaves it in, "ssh m-2201" will connect you
directly to myhost over the existing channel....sorry for the
confusion.

> ># ssh and create a new local forward
> >Host m-2202
> >        ControlPath ~/.ssh/myhost-ctrl
> >        LocalForward 2202 10.1.1.2:22
> >
> 
> ad-hoc port forwarding can be done at the 'ssh prompt'. You can get 
> this by sending break-C, or ~C on my computer. So if you do the magic 
> key sequence while a session has been established you get a prompt 
> where you can do:
> 
> ssh> -L 1000:mail.theholymountain.com:25
> ssh> -L 1001:mail.theholymountain.com:143

right, and now you have another way...the nice thing with multiplexing
is that once you open the first session, you can add as many forwards
as you wish as your day moves along without the burden of additional
connections.

> and point your mail client to localhost:1000 for the SMTP server and 
> same deal for the IMAP server. Though I like Okan's numbering scheme 
> for the local ports. Furthermore, I wouldn't have to type all of this 
> crap in every time. I'm glad to have seen your example otherwise I 
> would have blown it off. This is a real time saver.

yea, and you know how long i went without ever knowing about
.ssh/config? way way too long...that in itself shrunk my shell aliases
and shell functions significantly ;)
 
if anyone wants more info, let me know...since the client side of
the multiplexing came out, i've converted the majority of my
.ssh/config at work to use it, so i only need to make one CONNECT through
our proxy. (ssshhh)


-- 
Okan Demirmen <okan at demirmen.com>
PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934
PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934

More information about the talk mailing list