====== Aliases ======

By editing ~/.ssh/config, you can define SSH aliases very simply:

  Host shortname
    HostName longname.domain.tld
    Port 22
    User username

Typing "ssh shortname" is then the same as typing "ssh username@longname.domain.tld" (even if shortname is defined neither in the DNS nor in the /etc/hosts file).

====== Bounce hosts ======

Here we use a host with a publicly available IP address to reach a private host, using a single command. For this to work, add something like this to ~/.ssh/config:

  Host hostname
    ProxyCommand ssh username@longname.domain.tld nc distant_private_ip_address 22
    User username

"ssh hostname" then connects to the server at distant_private_ip_address through the public host longname.domain.tld. Of course, [[http://netcat.sourceforge.net/|netcat]] must be installed on the public server.

====== Tunnels ======

We can map remote ports to local ports on localhost, using a bounce host:

  ssh -L 8080:server_to_forward_ports_of:80 server_to_connect_to

Once connected to server_to_connect_to, localhost:8080 is the same as server_to_forward_ports_of:80.

====== SOCKS proxies ======

  ssh -D 8080 server_to_connect_to

Once connected to server_to_connect_to, use localhost:8080 as the (SOCKS v4) proxy server in your favorite browser.

====== Using a local proxy to enable internet access on a remote host ======

  * install some proxy software (e.g., Squid)
  * connect to the server, and map a port to the proxy's one: ssh -R8181:localhost:3128 server_to_connect_to
  * once connected, enter: export http_proxy=http://127.0.0.1:8181
  * surf

====== Run a command on login ======

Commands in /etc/ssh/sshrc are executed by ssh when the user logs in, just before the user's shell (or command) is started.
It is commonly used to send alerts by mail:

  #!/bin/sh
  # source: http://blog.uggy.org/post/2009/06/05/Execution-de-commande-lors-d-une-connexion-SSH
  DATE=$(date "+%d.%m.%Y--%Hh%Mm")
  # SSH_CONNECTION holds "client_ip client_port server_ip server_port"
  IP=$(echo "$SSH_CONNECTION" | awk '{print $1}')
  REVERSE=$(dig -x "$IP" +short)
  HOSTNAME=$(hostname)
  # Mail the login details to the administrator
  echo "Connexion de $USER sur $HOSTNAME
  IP: $IP
  ReverseDNS: $REVERSE
  Date: $DATE
  " | mail -s "Connexion de $USER sur $HOSTNAME" me@mail.com

====== Multiplexing ======

If you make several connections to the same server, you can speed up every connection after the first one by enabling multiplexing.

  * create the directory where the connections' data will be stored:

  $ mkdir -p ~/.ssh/connections
  $ chmod 700 ~/.ssh/connections

  * enable multiplexing for every host in .ssh/config:

  Host *
    ControlMaster auto
    ControlPath ~/.ssh/connections/%r_%h_%p

Warning: This will not work with tunneled protocols or forwarded ports (see [[http://www.symkat.com/ssh-tips-and-tricks-you-need]]).
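
As an added example (not part of the original page), the shell functions below check the multiplexing setup described above: they read an ssh_config-style file and report whether the directory of each ControlPath is private to the user, which is what the chmod 700 step is for, since anyone who can reach the control socket can reuse the already authenticated connection. The function names and the output format are choices made for this example.

```shell
#!/bin/sh
# Added example (not from the original page): check that every ControlPath
# in an ssh_config file puts its socket in a directory private to the user.

# Print "host<TAB>controlpath" for each ControlPath line in file $1.
# Accepts both "Keyword value" and "Keyword=value"; ignores comments.
list_control_paths() {
    awk '
        BEGIN { host = "(global)" }
        { key = "" }
        match($0, /^[ \t]*[A-Za-z]+/) {
            key = tolower(substr($0, 1, RLENGTH)); gsub(/[ \t]/, "", key)
            val = substr($0, RLENGTH + 1)
            sub(/^[ \t]*=?[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
        }
        key == "host" { host = val }
        key == "controlpath" && val != "none" { print host "\t" val }
    ' "$1"
}

# Succeed only if $1 is a directory that grants nothing to group or other
# (characters 5-10 of the ls mode string are the group and other bits).
dir_is_private() {
    [ -d "$1" ] && [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Print one verdict line (OK, WARN, MISSING or SKIP) per ControlPath in $1.
audit_control_paths() {
    list_control_paths "$1" | while IFS="$(printf '\t')" read -r host path; do
        # Expand a leading "~/" the way ssh does for ControlPath.
        case $path in "~/"*) path=$HOME/${path#??} ;; esac
        dir=$(dirname "$path")
        # %r, %h, %p ... in the directory part cannot be resolved offline.
        case $dir in *%*) echo "SKIP $host: token in directory part of $path"; continue ;; esac
        if dir_is_private "$dir"; then
            echo "OK $host: $dir"
        elif [ -d "$dir" ]; then
            echo "WARN $host: $dir is accessible to group or other"
        else
            echo "MISSING $host: $dir does not exist"
        fi
    done
}

# Usage: sh audit.sh ~/.ssh/config
if [ "$#" -gt 0 ]; then audit_control_paths "$1"; fi
```

A WARN line is what a ControlPath placed directly in a shared directory such as /tmp produces; MISSING means the mkdir step above was skipped for that path.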