@janisz
Last active December 29, 2015 21:59
SSH key based authentication
## Passwordless SSH
1. Create a new key file: `ssh-keygen -t rsa -C "your_email@example.com"`
2. Push it to the remote server: `cat ~/.ssh/<name_of_your_public_key> | ssh <user@host> "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"`
3. Add the new key to the key vault: `ssh-add id_rsa`. If you get the error `Could not open a connection to your authentication agent.`, you need to run `ssh-agent bash` and then `ssh-add id_rsa`, but this only lasts until you log out. So a better option is to create a config file,
   `vim ~/.ssh/config`
   and fill it in with the following template:

   ```
   Host <host 1>
       HostName <host_name_or_ip>
       User <user>
       IdentityFile <private key file>

   Host <host 2>
       HostName <host_name_or_ip>
       User <user>
       IdentityFile <private key file>
   ```
4. Log in using `ssh <host 1>`
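
OpenSSH enforces permissions on the files created in steps 1 and 2: `sshd` with `StrictModes` refuses an `authorized_keys` file that is writable by group or other (or that sits in such a directory), and the `ssh` client refuses a private key with any group or other permission bit set. The following check is an added example, not part of the original gist; the function names are this example's own and the demo files are constructed placeholders, not real keys.

```shell
#!/bin/sh
# Added example, not part of the original gist.

# Group+other permission characters from `ls -ld`, e.g. "r--r--".
mode_bits() { ls -ld "$1" | cut -c5-10; }

# True if group or other may write to the path.
writable_by_others() {
    case "$(mode_bits "$1")" in
        ?w????|????w?) return 0 ;;
        *) return 1 ;;
    esac
}

# Print one finding per line; return 0 only if the directory is clean.
audit_ssh_dir() {
    dir=$1
    findings=0
    # sshd (StrictModes yes) refuses authorized_keys when the file or
    # the directory holding it is writable by group or other.
    for p in "$dir" "$dir/authorized_keys"; do
        [ -e "$p" ] || continue
        if writable_by_others "$p"; then
            echo "writable by group/other: $p"
            findings=$((findings + 1))
        fi
    done
    # The ssh client refuses a private key with any group/other bit set.
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        head -n 1 "$f" | grep -q 'PRIVATE KEY-----' || continue
        if [ "$(mode_bits "$f")" != "------" ]; then
            echo "private key too open: $f"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# Demo on a constructed scratch directory (placeholder files, no real keys).
demo() {
    d=$(mktemp -d) && mkdir "$d/.ssh" && chmod 700 "$d/.ssh"
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' > "$d/.ssh/id_rsa"
    printf '%s\n' 'ssh-rsa CONSTRUCTED you@example.com' > "$d/.ssh/authorized_keys"
    chmod 644 "$d/.ssh/id_rsa"; chmod 664 "$d/.ssh/authorized_keys"
    audit_ssh_dir "$d/.ssh" && rc=0 || rc=1
    rm -rf "$d"
    return "$rc"
}
```

Run `audit_ssh_dir "$HOME/.ssh"` on both the client and the server; `chmod 700 ~/.ssh` and `chmod 600` on the private key and `authorized_keys` clear the findings.
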
## Tunnel connection
1. Create a tunnel (this must be done for every server):
   `ssh -f -L <local_port>:<remote_host>:22 user@host -N`. Remember to add the option `ServerAliveInterval 60`
   (e.g. `ssh -f -L 2023:194.29.178.57:22 gamma -N`).
2. You can add the above command to a startup script (put it in `/etc/rc.local` or create an `@reboot` cron job).
3. Update `.ssh/config` to look like

   ```
   Host <remote host>
       HostName localhost
       User <remote_user>
       Port <local_port>
   ```
## Second option
SSH proxies
If you have an SSH server that's only accessible to you via an SSH session on an intermediate machine, which is a very common situation when dealing with remote networks using private RFC1918 addresses through network address translation, you can automate that in `.ssh/config` too. Say you can't reach the host `nathost` directly, but you can reach some other SSH server on the same private subnet that is publicly accessible, `publichost.example.com`:

```
Host nathost
    ProxyCommand ssh -q -W %h:%p publichost.example.com
```