high latency connection

mosh

forwarding

ssh -L 8888:127.0.0.1:8384 koi In this example I'm creating an ssh connection with a computer called koi. I have the hostname in my /etc/hosts, but you could always type out the actual IP address. The 8384 is the remote port I want to read on koi and 8888 is the local port I will allocate for this purpose. Once I run the command I could open a browser to 127.0.0.1:8888 and configure syncthing on koi!

change or add pass to your existing keys

ssh-keygen -p

auto start ssh-agent

add the following to your .profile:

# start ssh-agent
export SSH_AUTH_SOCK=${HOME}/.ssh/agent
if ! pgrep -u ${USER} ssh-agent > /dev/null; then
	rm -f ${SSH_AUTH_SOCK}
fi
if [ ! -S ${SSH_AUTH_SOCK} ]; then
	eval $(ssh-agent -a ${SSH_AUTH_SOCK} 2> /dev/null)
fi

AddKeysToAgent 52w

Automatically add keys to running ssh-agent. This sets the lifetime to 52 weeks, you could also set it to yes for the default or any other time value. See man ssh_config for more details.

prevent session disconnect

Sometimes your session will disconnect if you let it idle for too long. This is useful for preventing empty sessions from hanging around forever, but is horribly annoying if it's too short.

ClientAliveInterval 60
ClientAliveCountMax 86400

ssh apps

You can create applications over ssh using the sshd ForceCommand option. Here's an example of creating a playable boggle game over ssh:

sshd config

Match User boggle
	X11Forwarding no
	AllowTcpForwarding no
	ForceCommand "/usr/games/boggle"
	PasswordAuthentication yes
	PermitEmptyPasswords yes

An advantage of using sshd ForceCommand rather than setting the user's shell is that this also blocks sftp and other weird trickery.

create boggle user without password

sudo apt install bsdgames
sudo adduser boggle
sudo sed -i 's/nullok_secure/nullok/' /etc/pam.d/common-auth
sudo passwd -d boggle

Editing /etc/pam.d/common-auth is needed on most PAM systems. By default PAM will not authenticate users without a password as a backup security measure.