Skip to main content

SSH

Самый простой способ зайти на сервер:

ssh andriibondariev@10.20.100.200

Чуть по-сложнее:

ssh -l andriibondariev@prod.example.com 10.20.100.200
scp -r /* root@10.20.100.200:/usr/lib/zabbix/externalscripts

или

scp -i myAmazonKey.pem script.sh ubuntu@3.135.180.100:/

Место, где находится конфиг SSH

/etc/ssh/ssh_config

Логин с указанием приватного ключа, юзернейма и хоста

ssh -i ~/.ssh/my_key -l myusername 10.20.100.200

Логин под рутом с указанием юзернейма

ssh -i andriibondariev root@10.20.134.204

Создание публичного ключа из приватного с указанием коммента

ssh-keygen -y -f /path/to/your/private/key -C "new-comment" > new_public_key.pub

SSH and Git connectivity

Создайте ключ SSH: если у вас еще нет ключа SSH или вы хотите создать новый специально для этой цели.

ssh-keygen -t rsa -b 4096 -C "andrii.bondariev@example.com"

Укажите местоположение во время генерации ключа:

/c/Users/AndreasDesktop/.ssh/example

Добавьте Public Key на сервер Git:

cat /c/Users/AndreasDesktop/.ssh/example.pub

Убедитесь, что ssh-агент запущен:

eval $(ssh-agent -s)
info

На Windows это выглядит так:

Get-Service ssh-agent | Set-Service -StartupType Manual
Start-Service ssh-agent
ssh-add C:\path\to\your\ssh\private\key

Список ключей агента SSH:

ssh-add -L

Убедитесь, что ваш ключ example указан в списке. Если нет, добавьте еще раз:

ssh-add /c/Users/AndreasDesktop/.ssh/example

Проверьте прямое SSH-соединение:

ssh -T git@git.example.net

UNPROTECTED PRIVATE KEY FILE

Only the owner can read the file (most secure):

chmod 400 /mnt/c/Users/AndreasDesktop/.ssh/example

Owner can read and write (also acceptable):

chmod 600 /mnt/c/Users/AndreasDesktop/.ssh/example
caution

If you're running this on WSL (Windows Subsystem for Linux) or Git Bash on Windows, where permission changes via chmod might not fully apply due to the underlying NTFS file system.

cp /mnt/c/Users/AndreasDesktop/.ssh/namecheap ~/.ssh/
chmod 400 ~/.ssh/namecheap
ssh-add ~/.ssh/namecheap

Files in /mnt/c/... are controlled by Windows, and Windows ignores Unix-style permissions like chmod 400.

Script Timeout and Disconnection

The message "client_loop: send disconnect: Broken pipe" typically indicates that the SSH connection to your server is timing out while your script is still running. This often happens with long-running processes in environments where there's a timeout on idle SSH connections. Solutions:

Prevent SSH Timeout: You can prevent the SSH session from timing out by sending a "keep alive" signal at regular intervals. This can be done by setting the following options in your SSH configuration (~/.ssh/config):

Host *
    ServerAliveInterval 60
    ServerAliveCountMax 120

This configuration sends a keep-alive message every 60 seconds and allows up to 120 missed messages before disconnecting.

Using screen or tmux: These tools allow you to run sessions that continue even if you disconnect or log out from the SSH session. Start a screen or tmux session before running your script, which you can then detach from and reattach to later.

SSH Config

Include /etc/ssh/ssh_config.d/*.conf
Host *
SendEnv LANG LC_*
    HashKnownHosts yes
    GSSAPIAuthentication yes

Host jump *jump-host-name*
    HostName *jump-host-name*
    User username@corporation
    IdentityFile ~/.ssh/aduser
    #Add connection multiplexing
    ControlMaster auto
    ControlPath ~/.ssh/%u@%h:%p
    ControlPersist 10m
 
Host !jump !*jump-host-name* *
    # some settings
    # some settings
    ProxyJump jump


Host *host-name*
    ProxyJump jump
    HostName *ip-address*
    User username@corporation
    IdentityFile /root/.ssh/aduser