2488 shaares
83 private links
83 private links
- Keyxchange/Keys/Ciphers/CipherAuthorizations -- which to choose and which to lose (carefult to not lock yourself out)
- 2Factor Authentication for SSH setup (through an app like GoogleAuth or Aegis)
- Bastion Host automation (automatically making a 'jump' through a required firewall in-between to your destination host)
"If you're doing 16 hops in-between, sending a single byte of data will cost you about 200MB of data sending" ?? - Client Hardening (closes 2 2016 CVES, fixed in OpenSSH 6.1p-2)
- turn of UseRoaming * in client (i.e. ssh config)
- Debugging SSH
- ping first -- maybe the network connection just does not work? ;)
ssh -v <host>or-vvor-vvv- verbose connection descriptions as they happen- are your options sticking, do they have the right order?
ssh -G <host>-- see which options apply to the connectionon
- Legacy systems (solaris, iris, hpux, nextstep, ...)
- make a separate ssh/config entry for your specific legacy boxes, setting the options
- nice way to 'add' to usual options, just do e.g.
KexAlgorithms +diffie-hellman-group1-sha1in the config
