June 6, 2006

Accelerating OpenSSH connections with ControlMaster

Author: Marc Abramowitz

OpenSSH 4.0 introduced an interesting new feature called ControlMaster that allows it to reuse an existing connection to a remote host when opening new connections to that host. This can significantly reduce the amount of time it takes to establish connections after the initial connection. Let's see how this can help you work faster, and how to start using ControlMaster right away.

The reduced connection times that the ControlMaster feature provides are particularly nice when you're using tools that open multiple SSH connections to do work on a remote server, such as:

Before setting up the ControlMaster feature, I executed the command time ssh shifter hostname 10 times to judge the response of a remote system -- shifter is the name of the remote host, hostname is a single command to execute on the remote host. The average time was 1.9 seconds.

Then I set up the ControlMaster feature by adding the following lines to my ~/.ssh/config:

Host *
ControlMaster auto
ControlPath ~/.ssh/master-%r@%h:%p

I then opened an SSH connection to shifter and left the connection open while executing the command time ssh shifter hostname another 10 times. This time, the average time was 0.9 seconds -- about half as much as before.

Note that the ControlPath expansion of the remote name (%r), host (%h), and path (%p) only works with OpenSSH 4.2 or newer. If you are using earlier versions in the 4.x series, such as the version of OpenSSH that ships with Ubuntu Breezy, SUSE 10, and Fedora Core 4, you'll need to do a little extra work to create a ControlMaster connection.

To set up the master connection, run ssh -M -S ~/.ssh/remote-hostuser@remotehost. Then, run ssh -S ~/.ssh/remote-hostuser@remotehost for subsequent connections to the same host.

With ControlMaster, you can speed up your SSH connections, and it only takes a few lines in a config file.