On Windows, there is the fantastic SSH2 tool SecureCRT. Or if you're cash crunched, a combination of Putty and Putty Connection Manager works for many.

On Mac OSX and Unix/Linux systems, one doesn't truly need an SSH client at all, because the "Terminal" application is inbuilt. People talk of iTerm and such, but I have still to see a value add for such tools.

But one does miss the convenience of SecureCRT on OSX, because I have still to find a true SecureCRT alternative for the Mac platform. Something that allows me to make pre-determined connections so I can just click on them to connect (which tools like JellyfiSSH do) and then logs me in directly without prompting for a password (which JellyfiSHH does not do).

So I have simply made aliases in my [code].profile[/code] file, which gets executed everytime you start your Terminal window (so it's a good place to put your shortcuts and any code you wish to execute when the terminal starts, such as paths).

1. Start the Terminal.
2. Open the profile file for the current user (you).

pico .profile

3. Enter a new line for our shortcut.

alias s='ssh -2 -p 22 user@host.com'

Quick explanation for that command in step 3. The letter "s" is the shortcut I make for connecting to the sniptools.com server. Change it to what you wish. This will mean that when I start Terminal, all I need to do is type "s" and it connects me via SSH to the sniptools.com server. The "-p" switch is an important one because some of us with paranoid security settings might have a different port number than the default port 22 for secure SSH. The rest user/host stuff is self-explanatory. The "-2" is to force SSH2 connections instead of older vanilla SSH.

Now. Save the profile file and source it to try it out:

source .profile

Sourcing is only for this one time, for your current Terminal window, which had already executed the profile file *before* we added this alias. When you start a new Terminal session, these aliases et al will be automatically set for you.

Done. Now your profile has the alias for "s". From now when you type "s" in your Terminal, it will connect, but it will ask you for a password. To get rid of the nagging password, we need to create public authentication key for the domain. This, in fact is what SecureCRT does behind the scenes on Windows too.

Here are the steps to accomplish this. Run these one-time commands in order from the Terminal window.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

# generate pub and priv keys, leave the passphrase empty
# (simply press ENTER when asked for it)
ssh-keygen
 
#copy the pub key to the remote computer
#(change port number if different from the usual 22)
#change "user" to your user name
#change "host" to your domain name
scp -P 22 ~/.ssh/id_rsa.pub user@host:~/
 
#log on to the remote computer
ssh -p 22 user@host
 
#create the .ssh directory in the root login directory, if it doesn't already exist
mkdir .ssh
 
#append key to file
cat id_rsa.pub >> ~/.ssh/authorized_keys
 
#delete the public key file, no longer needed
rm -f id_rsa.pub
 
#log off the remote server
exit
 
#logon to the remote server, without password prompt
ssh -2 -p 22 user@host

That's it. This is a huge timesaver. Now all I need to do to login to the sniptools.com server is type one letter, "s" in the Terminal, and I'm on! Follow these instructions for each host you connect to on a regular basis and you'll love the convenience henceforth.

Most Cpanel/WHM servers come with PHP and Zend installed. With the recent (and important) update of PHP 5.2.1, the Zend Optimizer that is installed by default (version 3.0.1 as of this writing) breaks.

You might begin to see a message like this:

To fix this, simply login to your SSH as root and execute the following command to upgrade Zend Optimiser:

/scripts/installzendopt 3.2.8

Note that if you skip the version number, Zend Optimizer 3.0.1 will be installed by default. The trick is to specify the version as above. This will also work in the future, so as long as you know the latest released version of Zend Optimizer, just replace the red text above with that number.

The recent upgrades of Cpanel have been a pain because they've broken mysqlhotcopy. Not kosher. Fortunately fixing this is pretty easy, by simply downgrading the DBD module of Perl, which mysqlhotcopy relies on.

Usually the error is something like this:

To solve this, simply downgrade the DBD to version 4.001. Create a script anywhere on your root folder as, say, dbd-downgrade.sh:

1
2
3
4
5
6
7
8
9

#!/bin/sh
cd /usr/src
wget -O dbd.tar.gz  "http://search.cpan.org/CPAN/authors/id/C/CA/CAPTTOFU/DBD-mysql-4.001.tar.gz"
gzip -cd dbd.tar.gz | tar xf -
rm -rf dbd.tar.gz
cd DBD-mysql-4.001
perl Makefile.PL
make
make install

Then of course chmod the file to executable (644) and run it:

Then try your mysqlhotcopy command again. It should work. The only thing to consider is that if your Cpanel is setup to upgrade automatically, it may rebuild DBD. You may need to downgrade the DBD again, until this thing is fixed!

If after this update, you see the error for RELOAD privileges, like this…

DBD::mysql::db do failed: Access denied; you need the RELOAD privilege for this operation at /usr/bin/mysqlhotcopy line 472.

…then simply login to mysql as "root" user through the root SSH terminal, and execute the following command:

mysql>  grant all privileges on *.* to root@localhost;
mysql>  flush privileges;

Done. That should do it. Let me know if it doesn't.

A more long term fix

MySQL bug list has a couple of suggested fixes. If you are comfortable with Perl, you can edit the code in /usr/bin/mysqlhotcopy and have it solved in a better way.