Simon Willison's Weblog: ssh

SSH has no Host header

2026-01-22T23:57:50+00:00

exe.dev is a new hosting service that, for $20/month, gives you up to 25 VMs "that share 2 CPUs and 8GB RAM". Everything happens over SSH, including creating new VMs. Once configured you can sign into your exe.dev VMs like this:

ssh simon.exe.dev

Here's the clever bit: when you run the above command exe.dev signs you into your VM of that name... but they don't assign every VM its own IP address and SSH has no equivalent of the Host header, so how does their load balancer know which of your VMs to forward you on to?

The answer is that while they don't assign a unique IP to every VM they do have enough IPs that they can ensure each of your VMs has an IP that is unique to your account.

If I create two VMs they will each resolve to a separate IP address, each of which is shared with many other users. The underlying infrastructure then identifies my user account from my SSH public key and can determine which underlying VM to forward my SSH traffic to.

Via lobste.rs

Tags: dns, hosting, ssh

Restricting SSH connections to devices within a Tailscale network

2020-04-23T18:28:05+00:00

Restricting SSH connections to devices within a Tailscale network

TIL how to run SSH on a VPS instance (in this case Amazon Lightsail) such that it can only be SSHd to by devices connected to a private Tailscale VPN.

Tags: security, ssh, tailscale, til

Fabric 0.9.0

2009-11-09T14:02:53+00:00

Fabric 0.9.0

A Python-based SSH automation and deployment tool. Released today, 0.9.0 is finally the official “stable” release—which is good, as it breaks API compatibility with previous versions and caused me all sorts of confusion when I tried to learn Fabric recently.

Tags: deployment, fabric, python, ssh

How We Made GitHub Fast

2009-10-21T21:14:38+00:00

How We Made GitHub Fast

Detailed overview of the new GitHub architecture. It’s a lot more complicated than I would have expected—lots of moving parts are involved in ensuring they can scale horizontally when they need to. Interesting components include nginx, Unicorn, Rails, DRBD, HAProxy, Redis, Erlang, memcached, SSH, git and a bunch of interesting new open source projects produced by the GitHub team such as BERT/Ernie and ProxyMachine.

Tags: drbd, erlang, ernie, git, github, haproxy, memcached, nginx, proxymachine, rails, redis, replication, ruby, scaling, ssh, unicorn

jessenoller.com - python magazine

2009-02-05T23:10:43+00:00

jessenoller.com - python magazine

Jesse Noller has been sharing his articles originally published in Python Magazine. Topics include SSH programming with Paramiko, context managers and the with statement and an excellent explanation of Python’s threading support and the global interpreter lock.

Tags: contextmanagers, gil, jesse-noller, paramiko, python, pythonmagazine, ssh, threads

ExpanDrive

2008-03-04T19:32:34+00:00

ExpanDrive

Looks like this SFTP mounting application for OS X fixes the problems I’ve had with sshfs (which tends to freeze things up if you lose your network connection while using it).

Tags: expandrive, john-gruber, sftp, ssh, sshfs

Net::SSH revisited

2007-08-01T10:42:20+00:00

Net::SSH revisited

Dependency injection (at least in Ruby) officially isn’t cool any more.

Via Assaf Arkin

Tags: assaf-arkin, dependencyinjection, jamis-buck, ruby, ssh

SSH ControlPath/ControlMaster

2006-12-18T11:53:20+00:00

SSH ControlPath/ControlMaster

How to get OpenSSH v4 and above to re-use an existing SSH connection for multiple sessions, dramatically speeding up connection start times.

Tags: nick-burch, ssh, torchbox

Secure wireless email on Mac OS X

2005-02-08T11:20:20+00:00

Secure wireless email on Mac OS X

Doug Bowman’s tutorial on SSH Tunnel Manager and wireless security.

Tags: douglas-bowman, email, macos, security, ssh