1. intro

The concept is very simple — rather than each new SSH connection to a particular server opening up a new TCP connection, you instead multiplex all of your SSH connections down one TCP connection.

The authentication only happens once, when the TCP connection is opened, and thereafter all your extra SSH sessions are sent down that connection.

2. configuration

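vi /etc/ssh/ssh_config.d/cid.conf
#
# "no" adds new host keys automatically and lets connections to hosts with changed keys proceed
StrictHostKeyChecking no
# offer only this cipher; it must also be enabled on the server
Ciphers aes128-ctr
# on the server: sshd -T | grep ciphers
# on the client: ssh -Q cipher

# share one authenticated connection per user@host:port
ControlMaster auto
# ssh_config(5) recommends a ControlPath directory that other users cannot write to; /tmp is world-writable
ControlPath /tmp/ssh-%r@%h-%p
# keep the master open in the background for 24h after the last session closes
ControlPersist 24h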

3. testing

cid-conn-test
. mkdir dummy
. put file
. rsync dir
. del file and dummy
. elapsed time: 7097 <<<<<<<<<<
cid-conn-test
. mkdir dummy
. put file
. rsync dir
. del file and dummy
. elapsed time: 1635 <<<<<<<<<<
file /tmp/ssh*
/tmp/ssh-cidusr@d01cid.ddns.net-22: socket
/tmp/ssh-root@d01cid.ddns.net-22:   socket
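
Added example, not part of the original notes: the ControlPath in section 2 puts the master sockets in /tmp, while ssh_config(5) recommends a directory that other users cannot write to. This sh script checks the directory of a given socket path; the function names and the ~/.ssh/cm directory named in its comments are assumptions.

```sh
#!/bin/sh
# Added example: check where an SSH control socket lives.
# Anyone who can open the socket reuses the already-authenticated connection,
# so its directory should be owned by you and not writable by group/others.

audit_control_dir() {
    # $1 = directory that holds (or will hold) the control socket
    dir=$1
    rc=0
    if [ ! -d "$dir" ]; then
        echo "FAIL: $dir is not a directory"
        return 2
    fi
    # -prune limits find to the directory entry itself
    if [ -z "$(find "$dir" -prune -user "$(id -u)")" ]; then
        echo "FAIL: $dir is not owned by uid $(id -u)"
        rc=1
    fi
    if [ -n "$(find "$dir" -prune \( -perm -0020 -o -perm -0002 \))" ]; then
        echo "FAIL: $dir is writable by group or others"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: $dir is owned by uid $(id -u) and not writable by others"
    fi
    return "$rc"
}

audit_control_path() {
    # $1 = expanded ControlPath, e.g. /tmp/ssh-cidusr@d01cid.ddns.net-22
    path=$1
    audit_control_dir "$(dirname "$path")" || return 1
    if [ -e "$path" ] && [ ! -S "$path" ]; then
        echo "FAIL: $path exists but is not a socket"
        return 1
    fi
    return 0
}

# Stand-alone use: sh audit.sh /tmp/ssh-cidusr@d01cid.ddns.net-22
# A private location (assumed here: mkdir -m 700 ~/.ssh/cm and
# ControlPath ~/.ssh/cm/%r@%h-%p) passes the same check.
if [ "$#" -gt 0 ]; then
    audit_control_path "$1"
fi
```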

4. xtras

pgrep -a ssh
///
1332 ssh: /tmp/ssh-root@d01cid.ddns.net-22 [mux]
1338 ssh: /tmp/ssh-cidusr@d01cid.ddns.net-22 [mux]
ssh -O check d01cid.ddns.net
Master running (pid=1332)
ssh -O check cidusr@d01cid.ddns.net
Master running (pid=1338)
ssh -O stop d01cid.ddns.net
ssh -O stop cidusr@d01cid.ddns.net
ssh -O exit d01cid.ddns.net
ssh -O exit cidusr@d01cid.ddns.net

5. references