Accessing ssh servers behind NAT
Tue, 10/09/2012 - 10:29 — sandip
Create a "config" file in your "~/.ssh" directory with the below contents:
Host server1
    Hostname server1.example.com
    HostKeyAlias server1
    CheckHostIP no
    Port 221
Host server2
    Hostname server2.example.com
    HostKeyAlias server2
    CheckHostIP no
    Port 222
The key is to set CheckHostIP to "no" and use "HostKeyAlias" to specify an alias that should be used instead of the real host name when looking up or saving the host key in the host key database files.
The Port line avoids having to specify the port when connecting.
Connect to the corresponding host via:
$ ssh {user}@server1
$ ssh {user}@server2
ssh keygen RSA versus DSA
Fri, 05/06/2011 - 10:55 — sandip
While generating ssh keys, I usually use the RSA type since it can be used to generate a 2048-bit key, while DSA is restricted to exactly 1024 bits.
ssh-keygen -t rsa -b 2048
Remote backups with tar over ssh
Mon, 02/28/2011 - 15:26 — sandip
Below is an example of backing up a user's home directory to a remote host, piped via ssh:
tar -cvzf - -C /home {username} | ssh {remotehost} 'cat >/path/to/bak/{username}.tgz'
Speed up SSH
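Thu, 09/09/2010 - 17:04 — sandip
Try setting up the ssh client with compression and use arcfour/blowfish encryption instead. Also avoid IPv6 lookups and reuse connections using a socket. Both ciphers are weak, and current OpenSSH releases no longer support them, so the Ciphers line below only works with older clients.
Add the below to ~/.ssh/config: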
Host *
    Ciphers arcfour,blowfish-cbc
    Compression yes
    AddressFamily inet
    ControlMaster auto
    ControlPath ~/.ssh/socket-%r@%h:%p
expect script for ssh password prompt
Fri, 07/16/2010 - 10:15 — sandip
Below is a sample expect script to handle the ssh password prompt, should you not get ssh keys working between hosts:
#!/usr/bin/expect -f
set host XXX
set user XXX
set password XXX
set remote_path XXX
set local_path XXX
# disables the timeout, so script waits as long as it takes for the transfer
set timeout -1
# call rsync
spawn rsync -av -e ssh $user@$host:$remote_path $local_path
# enlarge the match buffer so that earlier bytes are not forgotten if the output is large
match_max 100000
# we're expecting the password prompt; the pattern matches anything that contains "password:" or "Password:"
expect "*?assword:" { send "$password\r"}
# send a newline to make sure we get back to the command line
send -- "\r"
# wait for the end-of-file in the output
expect eof
Verifying SSH Key Fingerprint
Thu, 01/01/2009 - 21:02 — sandip
If you've been given a public ssh host key and want to verify it before adding it permanently to your ssh known_hosts file:
Get the public ssh key:
$ ssh-keyscan -p 22 -t rsa,dsa {remote_host} > /tmp/ssh_host_rsa_dsa_key.pub
Get the ssh key fingerprint:
$ ssh-keygen -l -f /tmp/ssh_host_rsa_dsa_key.pub
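What the fingerprint step computes, as an added example (not code from the original post): it parses a line in ssh-keyscan's "host keytype base64" format, derives the MD5 and SHA256 fingerprints from the decoded key blob, and compares them with a fingerprint obtained out of band. The sample key is constructed inside the code and all function names are assumptions of this example.

```python
import base64
import hashlib
import struct

def _ssh_string(data):
    return struct.pack(">I", len(data)) + data

def _mpint(n):
    # SSH mpint: big-endian, with a leading zero byte when the top bit is set
    return _ssh_string(n.to_bytes(n.bit_length() // 8 + 1, "big"))

def sample_keyscan_line(host="server1.example.com", low_bits=0x5A17):
    # Constructed sample in "host keytype base64" form; not a usable RSA key.
    n = (1 << 2047) | low_bits | 1
    blob = _ssh_string(b"ssh-rsa") + _mpint(65537) + _mpint(n)
    return "%s ssh-rsa %s" % (host, base64.b64encode(blob).decode())

def parse_keyscan_line(line):
    host, key_type, b64 = line.split()[:3]
    blob = base64.b64decode(b64, validate=True)
    fields, off = [], 0
    while off < len(blob):                      # walk the length-prefixed fields
        (length,) = struct.unpack_from(">I", blob, off)
        off += 4
        if off + length > len(blob):
            raise ValueError("truncated key blob")
        fields.append(blob[off:off + length])
        off += length
    if not fields or fields[0].decode("ascii", "replace") != key_type:
        raise ValueError("key type inside the blob does not match the line")
    return host, key_type, blob, fields

def rsa_bits(fields):
    return int.from_bytes(fields[2], "big").bit_length()   # ssh-rsa: type, e, n

def fingerprints(blob):
    md5 = hashlib.md5(blob).hexdigest()
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return {"md5": ":".join(md5[i:i + 2] for i in range(0, 32, 2)),
            "sha256": "SHA256:" + sha}

def verify(line, trusted_fp):
    # trusted_fp must come from an out-of-band source, not from the scan itself
    blob = parse_keyscan_line(line)[2]
    wanted = trusted_fp.strip()
    wanted = wanted[4:] if wanted.startswith("MD5:") else wanted
    return wanted in fingerprints(blob).values()

if __name__ == "__main__":
    _, _, blob, fields = parse_keyscan_line(sample_keyscan_line())
    print(rsa_bits(fields), fingerprints(blob)["sha256"])
```

A key fetched with ssh-keyscan is unauthenticated, so the comparison only means something when the trusted fingerprint came from the server's administrator or console.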
Fix for SSH timeouts on LinkSys WRT54GS wireless router
Tue, 06/17/2008 - 23:57 — sandip
A recent storm surge killed my Belkin wireless router and it was quickly replaced by a LinkSys WRT54GS wireless router. But, for some reason my ssh clients would time out due to inactivity of just a couple minutes. A quick fix was to include the below line in "/etc/ssh/ssh_config":
ServerAliveInterval 60
Incremental snapshot backups via rsync and ssh
Fri, 04/04/2008 - 19:35 — sandip
In follow-up to the previous post, I am compiling this as a separate post as this solution has been running very stable for a while with quite a few updates and changes...
I will be setting up a back-up of a remote web-host via rsync over ssh and creating the snapshot style backup on the local machine.
The backups are incremental: only the files that have changed are backed up, so very little bandwidth is used during the backup and it does not cause any load on the server.
These are sliced backups, meaning that you get a full backup of the last 4 days, and the last 4 weeks. So data can be restored for up to a month back.
Below is an example listing of backups you would see.
Mar 11 - daily.0
Mar 10 - daily.1
Mar 9 - daily.2
Mar 8 - daily.3
Mar 5 - weekly.0
Feb 27 - weekly.1
Feb 20 - weekly.2
Feb 13 - weekly.3
Each of those is a full snapshot for the particular day/week. The files are all hard-linked and would only require 2 to 3 times the space used on the server. The backups should consist of web, database, email and some of the important server configuration files.
SSH Chroot in ISPConfig Centos-4.6
Thu, 02/28/2008 - 00:58 — sandip
Below is a reference of how I have set up a chroot SSH jail for users in CentOS-4.6 with ISPConfig installed, replacing the openssh rpm with the one from chrootssh.sourceforge.net.
It's easy on ISPConfig as support for chroot SSH is now built in with the control panel, you simply need to get chrootSSH installed and then enable the ssh option located in the config file at "/home/admispconfig/ispconfig/
$go_info["server"]["ssh_chroot"] = 1;
If you need for the ssh chroot to access additional application, the file "/root/ispconfig/scripts/shell