OpenSSH

Display OpenSSH daemon configuration.

Automatically add the identity file used by the SSH client to the OpenSSH authentication agent.

Inspect OpenSSH configuration.

Deal with the too many authentication failures error when initiating SSH connection.

Lock OpenSSH authentication agent.

Configure OpenSSH server to use legacy public key algorithm to authenticate itself to an SSH client.

Define key expiration time in OpenSSH authentication agent.

Automatically use jump proxy when initiating SSH connection from an external network.

Use internal DietPi utilities is to switch from a Dropbear to OpenSSH Server.

Suppress SSH banner when executing ad-hoc commands.

Ensure that OpenSSH client uses explicitly configured authentication identity even if authentication agent offers more identities.

Perform hostname canonicalization to simplify your configuration and ease work with multiple servers.

Match specific network inside the SSH client configuration file using Python helper script.

Define multiple configurations for the same host using the SSH client configuration file.

Determine available authentication methods on the specified OpenSSH server.

Inspect OpenSSH client configuration to search and display configured hosts.

Revoke specific key used to perform key-based login with OpenSSH utilizing simple public key revocation list or OpenSSH Key Revocation List (KRL).

Determine which SSH key was used to perform key-based login using public key fingerprint.

Display message before OpenSSH authentication using simple built-in mechanism.

Keeping SSH authentication agent in sync across multiple servers and terminal multiplexers is not an easy task, but can be solved by using consistent socket names used to connect to the SSH authentication agent.

Attach to the tmux session over SSH to continue your work.

Sometimes it is very convenient to define shell function and execute it remotely.

Use simple shell function to instantly create known_hosts entries for specified host, including its IP address and remove outdated public host keys.

Global known_hosts file located in /etc/ssh/ssh_known_hosts and user managed ~/.ssh/known_hosts contains known host public keys. Due to its nature these files can contain multiple entries using the same key. It is not a problem, but merging entries using the same key is the first step that is necessary to inspect it visually and to verify host entries.

Disconnect idle SSH clients using built-in client alive mechanism.

There are rare cases when known hosts file becomes corrupted, so basic ssh utilities fail within custom built shell scripts due to ~/.ssh/known_hosts is not a valid known_hosts file error.

From time to time I have to update passwords used to secure private keys to keep myself a bit more sane. I will demonstrate simple and straightforward way to accomplish this task.

Sometimes I want to access a private server at home from a different network while being on the go. The easiest way to do this is to use autossh utility to create a secure and persistent reverse SSH tunnel to the publicly available server.