Linux: Disable SSH connection timeout
You need to configure both the client and the server to stop idle SSH connections from timing out automatically.
Client:
/etc/ssh/ssh_config
Add the following to the bottom of the file:
# Client keep alive
ServerAliveInterval 60
Server:
/etc/ssh/sshd_config
Add the following to the bottom of the file:
# Server Keep Alive
ClientAliveInterval 120
TCPKeepAlive yes
ClientAliveCountMax 720
systemctl restart sshd
Note:
120 X 720 = 86400 seconds or 24 hours
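A check for the server settings above, as an added example that is not part of the original post: sshd uses the first value it reads for a keyword, and lines after a Match line are conditional, so lines appended to the bottom of sshd_config do not always take effect. The sample file contents and the sftponly user are constructed; the parser assumes plain-second values and no Include files.

```shell
#!/bin/sh
# Added example, not from the original page. Assumes plain-second values and
# no Include files; on a real host, confirm with `sshd -T` as root.

# sshd keeps the FIRST value it reads for a keyword, and lines after a "Match"
# line are conditional, so settings appended at the bottom may not take effect.
# Prints: <interval> <countmax> <seconds an unresponsive client is kept>
effective_keepalive() {
    awk '
        BEGIN { interval = 0; count = 3 }      # OpenSSH defaults
        { sub(/#.*/, ""); gsub(/=/, " ") }     # drop comments, allow key=value
        NF == 0 { next }
        { key = tolower($1) }
        key == "match" { exit }                # global section ends here
        key == "clientaliveinterval" && !seen_i++ { interval = $2 }
        key == "clientalivecountmax" && !seen_c++ { count = $2 }
        END { print interval, count, interval * count }
    ' "$1"
}

# Constructed sample configs (hypothetical file contents).
demo_dir=$(mktemp -d)
page_lines='# Server Keep Alive
ClientAliveInterval 120
TCPKeepAlive yes
ClientAliveCountMax 720'

# 1. Stock file with the keywords commented out: the appended lines apply.
printf '%s\n' '#ClientAliveInterval 0' '#ClientAliveCountMax 3' \
    "$page_lines" > "$demo_dir/clean"
# 2. An earlier uncommented ClientAliveInterval wins over the appended one.
printf '%s\n' 'ClientAliveInterval 300' "$page_lines" > "$demo_dir/shadowed"
# 3. File ends in a Match block: appended lines land inside it.
printf '%s\n' 'Match User sftponly' '    ForceCommand internal-sftp' \
    "$page_lines" > "$demo_dir/after_match"

for f in clean shadowed after_match; do
    echo "$f: $(effective_keepalive "$demo_dir/$f")"
done
```

Only the first sample yields the 86400 seconds from the note; the second keeps the earlier interval of 300, and the third leaves the global defaults in place.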
Linux: After changing ulimit settings the proc limits do not match
When changing the ulimit settings in /etc/security/limits.conf or in /etc/security/limits.d/filename for a specific user, you will only see the correct change in /proc/[pid]/limits if you are looking as the user the limit was set for. Looking at this setting in /proc as root or via su will display the settings for root, not for the user you set within the file.
The command:
ulimit -a username
is the best way to tell if the limits config file change is active.
Linux: Using ssh to run a script on multiple servers
To start, it will be more convenient if you have SSH keys set up on the servers. Otherwise you will be entering a password for each server you need to connect to.
To break this out create three files:
1. iplist.txt
2. checkservers
3. serverscript
* If your command is small enough you do not need to have a separate serverscript file. I find it easier to put more complex scripts in their own file, which is what the following example reflects.
Add your server IPs to iplist.txt:
192.168.1.10
192.168.1.22
192.168.1.45
192.168.1.100
Add your loop connection syntax in checkservers:
#!/bin/bash
# Run serverscript on every host in iplist.txt and collect the output.
for server in $(cat iplist.txt); do
    ssh -i usernameprivatekeyfile "username@$server" 'bash -s' < serverscript >> server-results.txt
done
Add your script to serverscript:
#!/bin/bash
sudo -i
hostname
your
script
here
Final steps:
chmod 744 checkservers
chmod 744 serverscript
Finally run ./checkservers
Linux: reverse ssh simplified
If you are tired of reading long blog posts about using reverse SSH, you came to the right place.
Scenario:
You want to connect from your workstation to a server.
Both are on their own networks and are behind NAT.
Target: Server behind firewall
Jump: Server on the internet whose firewall you control
Source: Your Workstation behind firewall
Steps (Target connects to Jump, Source connects to Jump, From Jump you connect to Target):
- Target:
ssh -fN -R 45000:localhost:22 username@Jumpserverip
- Source:
ssh username@jumpserverip
- Jump:
ssh useronTarget@localhost -p 45000