pyratelog

personal blog
git clone git://git.pyratebeard.net/pyratelog.git
Log | Files | Refs | README

20230201-exit..._ssh_left.md (2215B)


      1 The [ssh](https://en.wikipedia.org/wiki/Secure_Shell){target="_blank" rel="noreferrer"} command isn't only for accessing a shell on remote systems.  It can also be used to tunnel traffic or view remote web applications without having to mess around with firewalls.
      2 
      3 As an example, the other day I installed [Grafana](https://grafana.com/){target="_blank" rel="noreferrer"} on a Linux server in the cloud.  To quickly view the web UI on my local machine I can use `ssh` with the `-L` option to forward a local port to the Grafana port (default: 3000) on my server
      4 ```
      5 ssh -L 3000:server:3000 server
      6 ```
      7 
      8 Navigating to localhost:3000 in my browser gives me access to Grafana.  This is great except I have to leave a terminal open for the `ssh` session.  Adding the `-N` option tells `ssh` not to run a remote command, if you try this the connection will open but you won't get a prompt on the server.  Also adding the `-f` option puts `ssh` into the background, freeing up the terminal
      9 ```
     10 ssh -NfL 3000:server:3000 server
     11 ```
     12 
     13 In order to close the connection you will have to find the PID then kill it.  Not very eloquent.  My preference is to use the `ControlMaster` option in my ~/.ssh/config, something that I use for sharing `ssh` connections (see my [ssh-aring is caring](20220116-ssh-aring_is_caring.html){target="_blank" rel="noreferrer"} post).
     14 
     15 By adding the `ControlMaster` and `ControlPath` options into ~/.ssh/config allows `ssh` to manage these connections.  You can use the `-O` option to pass control commands (`ctl_cmds`)
     16 ```
     17 ssh -O check server
     18 Master running (pid=1511266)
     19 ```
     20 
     21 You can also look in the path specified by `ControlPath` to see the sockets.  Closing the background connection is now clean and tidy
     22 ```
     23 ssh -O exit server
     24 ```
     25 
     26 For port forwarding connections that I use regularly I add the options into ~/.ssh/config, making my life easier.  For the example above I would add
     27 ```
     28 Host server
     29   HostName server
     30   LocalForward 3000 server:3000
     31   ForkAfterAuthentication yes
     32   SessionType none
     33 ```
     34 
     35 Now I can incant
     36 ```
     37 ssh server
     38 ```
     39 
     40 This opens the connection and puts it into the background allowing me to continue with my local terminal session and view Grafana on my remote server.