Reusing existing OpenSSH v4 connections

Reusing existing OpenSSH v4 connections describes a very interesting feature of OpenSSH 4: reusing open connections.

  • ControlMaster

    Enables the sharing of multiple sessions over a single network connection. When set to “yes” ssh will listen for connections on a control socket specified using the ControlPath argument.

  • ControlPath

    Specify the path to the control socket used for connection sharing as described in the ControlMaster section above or the string “none” to disable connection sharing. In the path, ‘%h’ will be substituted by the target host name, ‘%p’ the port and ‘%r’ by the remote login username. It is recommended that any ControlPath used for opportunistic connection sharing include all three of these escape sequences.

Assume that you’re on the host itchy and you wish to connect multiple times to the host scratchy.

Connect the first time with:

ssh scratchy  -M -S /tmp/%r@%h:%p

Here we’ve set two options:

  • -M

    This is setting the “ControlMaster” option.

  • -S /tmp/%r@%h:%p

    This is the setting for the ControlPath specifying that we should save the master socket as /tmp/user@hostname:port.

Now that we’ve set up the master connection we can connect a second time with:

ssh scratchy -S /tmp/%r@%h:%p

This time the connection is immediate. There is no option negotiation, etc., taking place. We can verify this by adding a -v flag:

skx@itchy:~$ ssh -v  scratchy -S /tmp/%r@%h:%p
OpenSSH_4.2p1 Debian-5, OpenSSL 0.9.8a 11 Oct 2005
debug1: Reading configuration data /home/skx/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *

Linux scratchy.my.flat 2.6.8-1-386 #1 ...

The programs included with the Debian GNU/Linux system are free software;
...
...
snip

There we see the connection just occurs almost immediately, with none of the usual OpenSSH negotiation taking place.

Rather than messing around on the command line, we can set up these options in the configuration file .ssh/config. Simply add a new stanza reading:

Host *
  ControlPath /tmp/%r@%h:%p

Now we can connect as normal: so long as we make the first connection to any host with -M (for “Master”), all subsequent connections will be much faster.

Cool, huh?

If you don’t think you can remember to specify the -M flag for the first one then you can also force this by setting your options to:

Host *
  ControlMaster auto
  ControlPath /tmp/%r@%h:%p

(Using autoask instead of auto will force the connection to prompt you whether you wish to set up a socket.)
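
The examples above keep the control socket in /tmp, which every local user can write to; ssh_config(5) recommends placing ControlPath in a directory that is not writable by other users. The shell functions below are an added example, not part of the original post: they check or create a private socket directory and print a ControlPath that uses the same %r@%h:%p tokens. The ~/.ssh/cm location and the function names are assumptions.

```shell
#!/bin/sh
# Added example: keep ControlMaster sockets out of world-writable /tmp.
# The ~/.ssh/cm directory and all function names are assumptions.

# control_dir_is_private DIR
# Succeeds only if DIR is a real directory (not a symlink), owned by the
# current user, and not writable by group or others.
control_dir_is_private() {
    dir=$1
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    # find prints DIR only when every predicate holds; -prune stops descent.
    match=$(find "$dir" -prune -user "$(id -u)" \
                 ! -perm -020 ! -perm -002 2>/dev/null)
    [ -n "$match" ]
}

# ensure_control_dir DIR
# Creates DIR with mode 0700 if it does not exist, then verifies it.
# An existing directory is only checked, never silently re-permissioned.
ensure_control_dir() {
    dir=$1
    if [ ! -e "$dir" ]; then
        (umask 077 && mkdir -p "$dir") || return 1
    fi
    control_dir_is_private "$dir"
}

# control_path_for DIR
# Prints a ControlPath value using the article's %r@%h:%p tokens.
control_path_for() {
    printf '%s/%%r@%%h:%%p\n' "$1"
}

# Usage (host name "scratchy" is the one used in the article):
#   ensure_control_dir "$HOME/.ssh/cm" &&
#     ssh -M -S "$(control_path_for "$HOME/.ssh/cm")" scratchy
```

The equivalent .ssh/config setting is ControlPath ~/.ssh/cm/%r@%h:%p, once the directory exists with mode 0700.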
