SSH Tweaking OpenSSH Client
Preface
In general, all options described in this document are optional. On the other hand, experimenting with these options can simplify your life.
All described options can be configured in:
/etc/ssh/ssh_config    # Changing an option in this file affects all users of the server
~/.ssh/config          # Changing an option in this file affects only that particular user
Options
Compression (Compression)
Description: “Compression yes/no”
This option enables compression of the traffic passing through the SSH session. SSH uses the same compression algorithm as gzip. In many cases this option helps the SSH session.
On the other hand, in some cases it is not really needed (all you get is higher CPU and RAM utilization). A good example of a case where you should not use it is transferring already compressed data through the SSH session.
RandomArt (VisualHostKey)
Description: “VisualHostKey yes/no”
If you enable this option, you will see an ASCII pictogram based on the SSH server key every time you log in to the server:
[user@SSH_Client ~]$ ssh SSH_Server
Host key fingerprint is 0b:f4:46:57:a5:ff:30:70:00:f8:22:90:fb:f2:ed:70
+--[ RSA 2048]----+
| . ...o.. |
| o . . o |
| o. ... o . |
| ...o... + |
| ...S. + |
| . .o . + |
| o..E .|
| .o. |
| .. |
+-----------------+
user@SSH_Server's password:
Last login: Sat Jan 25 19:11:46 2014 from SSH_Client
[user@SSH_Server ~]$
Keep alive (ServerAliveInterval)
Description: “ServerAliveInterval <time>”
In some cases it is important to keep some traffic passing between the SSH server and the SSH client in order to keep the session open. For this it is handy to send a null packet periodically between the SSH server and the SSH client.
You can configure the periodic null packet with the option:
ServerAliveInterval 10
Multiplexing SSH connections (ControlMaster)
Description:
ControlMaster auto                            # Open the Unix socket automatically
ControlPath ~/.ssh/controlsock-%h-%p-%r       # Location of the Unix socket (%h=host, %p=port, %r=user)
ControlPersist 30                             # After the last session logs out, keep the connection open for 30s
In this case you open one TCP connection from the SSH client to the SSH server. In parallel, a Unix socket is created. When you later open a parallel SSH connection to the same SSH server from your SSH client, the client program connects to the local Unix socket instead of connecting to the SSH server.
Benefit:
- Any additional connection will skip the user authentication and authorization
Contra:
- Any additional connection will skip the user authentication and authorization
Because of this you need to decide carefully where you are going to use it and whether it is safe.
SSH Agent Forwarding (ForwardAgent)
Description: “ ForwardAgent yes ”
If you enable this parameter, the SSH client automatically starts SSH agent forwarding from your SSH client to the SSH server. It is the same as using the “ -A ” switch of the ssh command.
Special SSH Server / Host related configuration (Host)
Description: “ Host <name_that_we_will_call>”
In some cases you need a host-specific configuration. It is possible to configure this at the end of the config file.
host SSH_Server
    # For this server enable SSH Agent Forwarding
    ForwardAgent yes
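The per-host scoping described above, together with the ControlMaster caution, can be checked mechanically. The following Python sketch is an added example, not part of the original page: it flags ForwardAgent, ForwardX11 and ControlMaster when they are enabled globally or under a wildcard Host pattern, and a ControlPath that sits in a shared directory or is not unique per host, port and user. The sample config and the audit function name are constructed for illustration; Match and Include are not handled.

```python
import re

# Constructed sample client config, not taken from the original page.
SAMPLE = """\
# global defaults
ForwardAgent yes
ControlMaster auto
ControlPath /tmp/controlsock-%h

Host SSH_Server
    ForwardAgent yes
    ControlPath ~/.ssh/controlsock-%h-%p-%r

Host *.lab
    ForwardX11=yes
"""

# Options from this page that call for a per-host decision.
SCOPED = ("forwardagent", "forwardx11", "controlmaster")

def audit(text):
    """Return (line, keyword, reason) findings for an ssh client config."""
    findings, patterns = [], ["*"]  # options before any Host line apply to all hosts
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        # "keyword value" or "keyword=value"; keywords are case-insensitive
        m = re.match(r"(\S+?)(?:\s*=\s*|\s+)(.+)", line)
        if not m or line.startswith("#"):
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "host":
            patterns = value.split()
        elif key in SCOPED and value.lower() != "no":
            if any("*" in p or "?" in p for p in patterns):
                findings.append((n, key, "enabled for wildcard scope " + " ".join(patterns)))
        elif key == "controlpath":
            # ssh_config(5) recommends %h, %p and %r (or %C) in the path and
            # a directory that other users cannot write to.
            if value.startswith(("/tmp/", "/var/tmp/")):
                findings.append((n, key, "socket in a directory other users can write to"))
            if "%C" not in value and not all(t in value for t in ("%h", "%p", "%r")):
                findings.append((n, key, "path not unique per host, port and user"))
    return findings

if __name__ == "__main__":
    for n, key, reason in audit(SAMPLE):
        print(f"line {n}: {key}: {reason}")
```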
Use DNSSEC (VerifyHostKeyDNS)
Description: “VerifyHostKeyDNS <yes|ask>”
If you store all public keys in DNS and use DNSSEC, it is handy to use DNS as the authentication authority. When the client connects to the SSH server, DNS is used to validate the SSH server's keys instead of “ ~/.ssh/known_hosts ”.
With the option “yes” you are not asked to validate the SSH server key when it matches the SSH key stored in DNS.
With the option “ask” you are asked for confirmation every time, for all SSH servers.
X Server Forwarding
Description: “ ForwardX11 yes/no ”
This option enables X Server forwarding from the SSH client to the SSH server. It is handy when you would like to run an application that requires an X server on your SSH server, but you do not want to install an X server with a window manager on the SSH server. In this case you can use the X server running on your SSH client side.