Differences

This shows you the differences between two versions of the page.

--- docs:tips_n_tricks:ssh.html [25.11.2010 12:02 CET] – peter
+++ docs:tips_n_tricks:ssh.html [10.06.2017 13:50 CEST] (current) – [References] peter
@@ Line 1: / Line 1: @@
 ====== SSH ======
-===== SSH Tunnel =====
+===== Reverse SSH Tunnel =====
 Imagine you need access from a remote system to a local system, that is allowed to open ssh sessions to the remote system, but the remote system is not allowed to access your local services. This can be solved by using ssh tunnels.
@@ Line 9: / Line 9: @@
 Now, you can access the local service on localhost:10389 on the remote system.
+===== Transport Terminal Encoding =====
+To transport your local LC_CTYPE setting to the remote host, use the line
+  Host *
+     SendEnv LC_CTYPE
+in ''~/.ssh/config''
+===== Avoid waiting for GSSAPI timeout =====
+On some systems, ssh connects seem to be slow due to waiting for GSSAPI authentication timeout.
+This can be avoided by the following config in ''~/.ssh/config'':
+  Host *
+    GSSAPIAuthentication no
+===== List Fingerprints =====
+To verify the keys in your ''.ssh/authorized_key'' file, you can list the fingerprints by:
+  ssh-keygen -l -f .ssh/authorized_keys
+===== Lock Keys in Agent on Mac OS X (maybe BSD) =====
+  eval `SSH_ASKPASS=/usr/local/bin/ssh_askpass.sh ssh-agent`
+  ssh-add -c [keyfile]
+  ssh -A <remote-host>
+''/usr/local/bin/ssh_askpass.sh'':
+  #! /bin/sh
+  exec xmessage -buttons 'Yes:0,No:1' "$@"
+===== Get rid of "PAM service(sshd) ignoring max retries; 6 > 3" =====
+Add
+  MaxAuthTries 3
+to ''/etc/ssh/sshd_config''
+==== References ====
+  * [[https://juju.net.nz/michaelh/2014/04/stopping-pam-servicesshd-ignoring-max-retries-errors-in-syslog/|Stopping ‘PAM service(sshd) ignoring max retries’ errors in syslog]]
+======  ======
+{{tag>ssh sshd}}
+{{entry>ssh}}
+{{entry>sshd}}