Secure Shell (SSH) processes commands in a sequential order. It can’t connect to multiple servers to run commands simultaneously.
Most of the time that’s not an issue. Individual commands can be run with ssh -c
and, when run in a loop, will cycle through a series of servers sequentially.
However, there are times when an admin needs to run multiple commands simultaneously across multiple servers.
PSSH is a parallel SSH client. It uses SSH but wraps it in a Python script to enable simultaneous connections to multiple servers. It includes features for sending input to all of the SSH processes, facilitating multiple logins, saving output to a file, and timing out connections.
See also: PSSH overview and tutorial
SSH Configuration Files
/etc/ssh/sshd_config # Main configuration file for the ssh daemon - sshd
/etc/ssh/ssh_host_rsa_key # Specific encryption private keys with permissions 600
/etc/ssh/ssh_host_rsa_key.pub # Specific encryption public keys with permissions 644
/etc/ssh/known_hosts # Checks public keys of known/trusted hosts (does not exist by default)
~/.ssh/known_hosts # Checks public key of known/trusted hosts accessed by the user who owns the directory
~/.ssh/authorized_keys # Stores public keys for logging in as the user that owns the directory
Commands Related to SSH
# Secure shell:
ssh
-c # Run individual commands
-l [user] [host] # Logs in as the specified user to the host
[user]@[host] # Logs in as the specified user to the host
-X # Enable SSH X Window System forwarding
-x # Disable SSH X Window System forwarding
# Creates a public/private key pair for use with SSH:
ssh-keygen
-b [#] # Encryption key size (i.e., 1024, 2048, etc.)
-t [type] # Encryption key type (DSA or RSA - default)
Will prompt for a password:
- Blank: use the key passwordless
- Entering a passphrase: 2FA (key + passphrase)
Note: File permissions on keys should be either
644
(older) or600
(newer).
# Copies your public key to the user and host as indicated:
ssh-copy-id
[user]@[host] # Copies the key to the specified user to the host
Next connection will either work (no passphrase setup) or prompt just for passphrase.
Note: Manual method, copy/paste the contents of your public key into the remote user’s authorized_keys file and set the permissions at
600
.```console
# Wrapper for SSH that allows you to pass items (keys) into the SSH shell for connectivity:
ssh-agent
[shell] # Starts the agent on the indicated shell