For remote work (i.e. not in LAN) I find the following settings helpful.
Host *
ServerAliveInterval 60
ForwardX11 yes
ControlMaster auto
ControlPath ~/.ssh/ssh_mux_%h_%p_%r
Compression yesI’ve placed them in ~/.ssh/config. Here’s a quick walkthrough (man ssh_config has all the details`):
Host *For all hosts where I login
ServerAliveInterval 60Send a package every 60 seconds, so the connection doesn’t timeout.
ForwardX11 yesAllow me to start GUI applications remotely (same as ssh -X). See caveat at the end.
ControlMaster auto
ControlPath ~/.ssh/ssh_mux_%h_%p_%rThe first connection to each host opens a reusable socket in ~/.ssh/. When I open another connection it will check for such a socket and use it. Speeds up the connection initiation time and removes the password prompt for all but the first connection to a host.
Compression yesCompress the data (stdin/out/err and X-forwarding). I haven’t measured this but maybe it helps.
Caveat: If you get messages like
X11 forwarding request failed on channel 1
then you are accessing a host via ssh that does not allow for X forwarding, but you tried it due to ForwardX11 yes. For me this happened with git pull, which uses ssh under the hood. To be honest, it took a while until I understood why the message came.
Solution: Exclude the host that doesn’t support X forwarding:
Host *
ServerAliveInterval 60
ControlMaster auto
ControlPath ~/.ssh/ssh_mux_%h_%p_%r
Compression yes
Host * !some.server.com
ForwardX11 yes