This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new!


Accelerating OpenSSH connections with ControlMaster

By Marc Abramowitz on June 06, 2006 (8:00:00 AM)

Share    Print    Comments   

OpenSSH 4.0 introduced an interesting new feature called ControlMaster that allows it to reuse an existing connection to a remote host when opening new connections to that host. This can significantly reduce the amount of time it takes to establish connections after the initial connection. Let's see how this can help you work faster, and how to start using ControlMaster right away.

The reduced connection times that the ControlMaster feature provides are particularly nice when you're using tools that open multiple SSH connections to do work on a remote server, such as:

Before setting up the ControlMaster feature, I executed the command time ssh shifter hostname 10 times to judge the response of a remote system -- shifter is the name of the remote host, hostname is a single command to execute on the remote host. The average time was 1.9 seconds.

Then I set up the ControlMaster feature by adding the following lines to my ~/.ssh/config:

Host *
ControlMaster auto
ControlPath ~/.ssh/master-%r@%h:%p

I then opened an SSH connection to shifter and left the connection open while executing the command time ssh shifter hostname another 10 times. This time, the average time was 0.9 seconds -- about half as much as before.

Note that the ControlPath expansion of the remote name (%r), host (%h), and path (%p) only works with OpenSSH 4.2 or newer. If you are using earlier versions in the 4.x series, such as the version of OpenSSH that ships with Ubuntu Breezy, SUSE 10, and Fedora Core 4, you'll need to do a little extra work to create a ControlMaster connection.

To set up the master connection, run ssh -M -S ~/.ssh/remote-host user@remotehost . Then, run ssh -S ~/.ssh/remote-host user@remotehost for subsequent connections to the same host.

With ControlMaster, you can speed up your SSH connections, and it only takes a few lines in a config file.

Share    Print    Comments   


on Accelerating OpenSSH connections with ControlMaster

Note: Comments are owned by the poster. We are not responsible for their content.

Easier when someone else does it beforehand

Posted by: Anonymous Coward on June 06, 2006 05:49 PM
Does it slow down the initial connection or anything, or can I presume that this'll end up being the default setting in distributions that don't have a specific reason to turn it off?


Unexpected Behavior

Posted by: Anonymous Coward on June 06, 2006 11:54 PM
I tried this on OS X using the unstable 4.2p1 version of OpenSSH from Fink. There is unexpected behavior with other applications that use SSH when I have it enabled in my ssh config. Transmit, for example, gives a "Permission Denied" error while the configuration is enabled.



Posted by: Anonymous Coward on June 24, 2006 12:39 AM
that is awesome -- gave my tramp a huge speedup!

[in response to previous post] im also using osx (w/ openssh v4.3 from darwinports) and i also get the "permission denied" in transmit (only for sftp connections)<nobr> <wbr></nobr>... sftp to the same host from command line seems to work fine<nobr> <wbr></nobr>... figure ill not be needing transmit too much though, now that tramp is running like 3 times faster.


bad choice of controlPath - cygwin with windows

Posted by: Anonymous Coward on January 29, 2007 11:26 PM
':' is not a legal character in path names,
try instead

ControlPath ~/.ssh/master-%r@%h.%p

Also, isn't the whole point of putting ControlPath in<nobr> <wbr></nobr>.ssh/config to make the '-S ' argument uneccessary? And doesn't the 'ControlMaster auto' also make the toggling -M uneccessary?


Accelerating OpenSSH connections with ControlMaster

Posted by: Anonymous [ip:] on August 06, 2007 09:25 PM
This trick seemed very nice but it broke my display export when ssh:ing. Got the classic 'Error: Can't open display: '. Does anybody know a way around? Running os X 10.4. SSH client is OpenSSH_4.5p1.



run "ssh -N -f host" to get a connection that stays open

Posted by: Anonymous [ip:] on September 25, 2007 04:59 AM
ssh -N -f host

opens a connection and goes into the background without executing a remote command so you don't need to keep a window or shell running locally just to keep that connection.

greetings, eMBee.


this removes the need to retype passwords

Posted by: Anonymous [ip:] on September 25, 2007 05:11 AM
for those of us not using ssh-agent, this method also removes the need to retype the password for every command because no new connection is created.
this can save a lot of typing, especially when using cvs where every command requires a server connection, or svn or even git-svn dcommit, which run multiple commands over ssh for one operation.

greetings, eMBee.


Re: this removes the need to retype passwords

Posted by: Anonymous [ip:] on November 16, 2007 05:34 PM
Why not just use the authorized_keys file to manage that?


Accelerating OpenSSH connections with ControlMaster

Posted by: Anonymous [ip:] on February 27, 2008 11:59 PM
Hey I think you forgot to mention that you need one connection to be active for the second to be accelerated.
I get some 10x improvement in the second one (and that too on a 1GBps LAN!). You can simply make ssh hang around in the background with this command:
ssh -fMN <hostname>


This story has been archived. Comments can no longer be posted.

Tableless layout Validate XHTML 1.0 Strict Validate CSS Powered by Xaraya