A bunch of stupid SSH tricks that can be useful somehow, somewhere...
Forcing either IPv4 or IPv6
This is for the scenario that you know which specific protocol works
to reach a particular host. Usually good to eliminate the delay
for SSH to figure out to switch IP protocols. For IPv4:
ssh -4 [email protected]
ssh -6 [email protected]
Reuse a SSH connection
Rather than start a new TCP connection to a remote host, simply
multiplex over an existing connection: Add to your
Host * ControlMaster auto ControlPath /tmp/%r@%h:%p ControlPersist 4h # Another option for Control Path ControlPath ~/.ssh/%r@%h:%p
-C option. Or in the config file:
Using cheaper cyphers
Using less computation-heavy ciphers in SSH, so that less time is spent
during encryption/decryption. The default AES cipher used by
OpenSSH is known to be slow. An independent study shows that
arcfour and blowfish ciphers are faster than AES.
blowfish is a fast block cipher which is also very secure.
Meanwhile, arcfour stream cipher is known to have vulnerabilities.
So use caution when using arcfour. Use the
option or in the config file:
Improve Session Persistence
ServerAliveInterval 60 ServerAliveCountMax 10 TCPKeepAlive no
Counterintuitively, setting this results in fewer disconnections from your host, as transient TCP problems can self-repair in ways that fly below SSH's radar. You may not want to apply this to scripts that work via SSH, as "parts of the SSH tunnel going non-responsive" may work in ways you neither want nor expect!