Difference between revisions of "SSH Multiplexing"
Moskalenko (talk | contribs) |
|||
| Line 1: | Line 1: | ||
| − | If use use a Linux or MacOS computer and your workflow involves making a lot of connections to HiPerGator you may want to use SSH Multiplexing to avoid having to go through MFA for every connection. | + | If use use a Linux or MacOS computer and your workflow involves making a lot of connections to HiPerGator you may want to use SSH Multiplexing to avoid having to go through MFA for every connection. Again, this does not work for Windows computers natively! The [https://www.bitvise.com/ BitVise] client is the only SFTP/ssh client we are aware of that supports ssh multiplexing. |
| − | |||
| − | |||
In a nutshell, ssh multiplexing works by creating a TCP socket the first time a connection is made. That socket can be used by subsequent connections within the idle timeout period to create new connections without triggering MFA. | In a nutshell, ssh multiplexing works by creating a TCP socket the first time a connection is made. That socket can be used by subsequent connections within the idle timeout period to create new connections without triggering MFA. | ||
| Line 20: | Line 18: | ||
</pre> | </pre> | ||
| − | {{Note|If you use username and password remove the <code>Port 2222</code> line from the configuration.<br>Be sure to change the <code>User</code> to your username.|info}} | + | {{Note|If you use username and password remove the <code>Port 2222</code> line from the configuration.<br>Be sure to change the 'albertgator' <code>User</code> to your username.|info}} |
Revision as of 17:48, 22 October 2021
If use use a Linux or MacOS computer and your workflow involves making a lot of connections to HiPerGator you may want to use SSH Multiplexing to avoid having to go through MFA for every connection. Again, this does not work for Windows computers natively! The BitVise client is the only SFTP/ssh client we are aware of that supports ssh multiplexing.
In a nutshell, ssh multiplexing works by creating a TCP socket the first time a connection is made. That socket can be used by subsequent connections within the idle timeout period to create new connections without triggering MFA.
See [1] for reference.
Example with SSH key authentication that enables SSH multiplexing. Each subsequent connection resets the idle timeout countdown:
Edit the ssh configuration file on your local computer (typically ~/.ssh/config) and add or modify the following entry:
Host hpg
User albertgator
HostName hpg.rc.ufl.edu
Port 2222
ControlPath ~/.ssh/cm-%r@%l-%h:%p
ControlMaster auto
ControlPersist 8h
Port 2222 line from the configuration.Be sure to change the 'albertgator'
User to your username.