|
|
|
|
|
|
by dnlk
5291 days ago
|
|
|
From the article: ...you can leave the password blank (if you secure your laptop with encryption, a locking screensaver, and a strong password, your SSH key doesn’t require a password)..., but what if that is still not enough security for you or your policy prohibits you from using key pairs for authentication, or maybe you are not using a server that often and just don't want to set up key pairs. Enter the ControlMaster mechanism (see man ssh_config): Host *
ControlMaster auto
ControlPersist yes
ControlPath /tmp/ssh-%r@%h:%p
ServerAliveInterval 600
So now you type in your password for your first session only, and every other session will be slaved to it (this includes directory/file auto completion over ssh in zsh and other nice nibbles like it does with public/private key pairs). |
|
|
ControlMaster's biggest advantage is using a single encryption channel for multiple connections. Especially handy if you need to jumphost through a vpn machine.