Sshpeeding things up sshlightly

From the archives

Originally written in March 2015 for the now-defunct blog of the previous incarnation of MetaBroadcast, but still relevant today.

As much as I complain about technology, and despise myself for probably spending more of my life than necessary reading about it… occasionally, a chance encounter with a hyperlink will teach you something so simple and universally helpful that it is impossible not to feel almost… pleased.

(Open)SSH has been a consistent source of joy for me since our first meeting years ago, which makes it pretty amazing that I only found this out last week. But anyway I'm digressing again. I'm just so thrilled with everything.

Get to the Point

Remember, at some point, your internet connection was having a particularly bad day?

$ ssh frustratingly-necessary-machine-for-work.example.com
cd /opt/thingINeedToDo^H^H^W^W^FFFFFFFFF
  …
  …
  …
  [22 seconds tick away]
  …
  …
>>> tim@frustrcd /opt/th

And so on…

This is a particularly extreme example, but the point is, it's obvious that SSH's initial connection/handshake/auth process is fairly expensive. 15 round trips by one account.

This means that if you're doing a variety of things on one box – couple of extra shell sessions, some rsync, etc… the seconds begin to really add up (eventually) and you start to feel like you're wasting your whole life.

The solution? Multiplexing! AKA using OpenSSH's control sockets.

With just a single, trivial config change, your ssh client will automatically use a single connection to a host to carry all of those previously-slow-and-expensive sessions. Even better, it can automatically keep these connections open in the background and re-use them later, meaning new sessions start almost instantaneously!

$ mkdir ~/.ssh/sockets
$ chmod 700 ~/.ssh/sockets

$ vi ~/.ssh/config

[…]
# At end of file, so more specific rules above take precedence

Host *
  ControlMaster auto
  ControlPath ~/.ssh/sockets/%r@%n:%p
  ControlPersist 5m
This means:
  • When connecting to something, automatically try to re-use an existing connection, or failing that, start a shareable one.
  • Keep the sockets (to which new sessions’ clients connect) in this folder with a particular (safe) naming pattern.
  • Use a background SSH client process to manage each connection, so it survives past the session that created it, and don't drop the connections until 5 minutes after all their sessions close.

This is really handy for a number of reasons, primarily that it just works [1] and requires absolutely no thought once it's set up [1].

And the speed boost is great, particularly if:
  • you're really impatient
  • you're connecting to something with a slow round trip
  • you have a bunch of Git pull or push commands to run in sequence
  • ALL OF THE ABOVE (e.g. you have Github or Bitbucket as a remote and you're in the UK, with too much coffee)

So try it! It's really good.

Example of a session being multiplexed
[1](1, 2) Actually some weird tools that try to interfere with their own connection management might break, so you can't quite forget you've done this trick. But it's easy to disable in specific cases, either by giving the -M (just start your own connection) option to the ssh command, or by adding a host-specific ControlMaster no option in your .ssh/config.