linux - Integration of afuse user-level automounter with sshfs as a systemd service spawned from login for local users - Unix & Linux Stack Exchange
Ends up creating a folder on the home directory which automatically creates virtual directories, e.g. if you ls to firstname.lastname@example.org it will ssh to the respective server and mount it. Only works with key-based authorization (afaik) and you need to have the server mounted or connected at least once before to add it to known hosts (or disabled known hosts, but I don't recommend that).
I am having some troubles with it (stuck shell on opening a new terminal) which I believe is due to the service type being forking but sshfs/ssh not quite forking into the background.
A simple systemd mount unit (with systemd-automount) also works well.
lsync can act as a repeatable rsync replacement. Under the hood it utilizes rsync (though there is an advanced rsyncssh integration available which does not re-transfer files over rsync that already exist on the target machine).
Ideal for local-remote scenarios, where changes occur on one machine and should be replicated on another (e.g. mirroring project directory and code changes, automatically pushing them to remote development environment for compilation/testing/building)
Keyxchange/Keys/Ciphers/CipherAuthorizations -- which to choose and which to lose (carefult to not lock yourself out)
2Factor Authentication for SSH setup (through an app like GoogleAuth or Aegis)
Bastion Host automation (automatically making a 'jump' through a required firewall in-between to your destination host)
"If you're doing 16 hops in-between, sending a single byte of data will cost you about 200MB of data sending" ??
Client Hardening (closes 2 2016 CVES, fixed in OpenSSH 6.1p-2)
turn of UseRoaming * in client (i.e. ssh config)
ping first -- maybe the network connection just does not work? ;)
ssh -v <host> or -vv or -vvv - verbose connection descriptions as they happen
are your options sticking, do they have the right order? ssh -G <host> -- see which options apply to the connectionon
Legacy systems (solaris, iris, hpux, nextstep, ...)
make a separate ssh/config entry for your specific legacy boxes, setting the options
nice way to 'add' to usual options, just do e.g. KexAlgorithms +diffie-hellman-group1-sha1 in the config
Fixing connection issues for blog automatic deployment
ssh will say publickey denied (even though it is the correct public key)
Server will close the ssh connection on port 22 apparently without any errors
User is potentially locked out of their account (if trying to use another account than main ssh connection)
Check the keys first of all, are they in the corrent places on the server (authorized_keys) for the correct login account, with the correct permissions (u+rw, go-rwx for private, u+rw, go+r for public key)
logging into the correct ip, with the correct user (-l username) and identityfile? (-i file)
check the client log (ssh -vv or -vvv) and server logs (often sudo cat /var/log/auth.log) for error messages (see checking sshd logs )
FoldFold allExpandExpand allAre you sure you want to delete this link?Are you sure you want to delete this tag?
The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community