Simon Willison’s Weblog

SSH has no Host header (via) exe.dev is a new hosting service that, for $20/month, gives you up to 25 VMs "that share 2 CPUs and 8GB RAM". Everything happens over SSH, including creating new VMs. Once configured you can sign into your exe.dev VMs like this:

ssh simon.exe.dev

Here's the clever bit: when you run the above command exe.dev signs you into your VM of that name... but they don't assign every VM its own IP address and SSH has no equivalent of the Host header, so how does their load balancer know which of your VMs to forward you on to?

The answer is that while they don't assign a unique IP to every VM they do have enough IPs that they can ensure each of your VMs has an IP that is unique to your account.

If I create two VMs they will each resolve to a separate IP address, each of which is shared with many other users. The underlying infrastructure then identifies my user account from my SSH public key and can determine which underlying VM to forward my SSH traffic to.

# 22nd January 2026, 11:57 pm / dns, hosting, ssh

Restricting SSH connections to devices within a Tailscale network. TIL how to run SSH on a VPS instance (in this case Amazon Lightsail) such that it can only be SSHd to by devices connected to a private Tailscale VPN.

# 23rd April 2020, 6:28 pm / security, ssh, tailscale, til

Fabric 0.9.0. A Python-based SSH automation and deployment tool. Released today, 0.9.0 is finally the official “stable” release—which is good, as it breaks API compatibility with previous versions and caused me all sorts of confusion when I tried to learn Fabric recently.

# 9th November 2009, 2:02 pm / deployment, fabric, python, ssh

How We Made GitHub Fast. Detailed overview of the new GitHub architecture. It’s a lot more complicated than I would have expected—lots of moving parts are involved in ensuring they can scale horizontally when they need to. Interesting components include nginx, Unicorn, Rails, DRBD, HAProxy, Redis, Erlang, memcached, SSH, git and a bunch of interesting new open source projects produced by the GitHub team such as BERT/Ernie and ProxyMachine.

# 21st October 2009, 9:14 pm / drbd, erlang, ernie, git, github, haproxy, memcached, nginx, proxymachine, rails, redis, replication, ruby, scaling, ssh, unicorn

jessenoller.com—python magazine. Jesse Noller has been sharing his articles originally published in Python Magazine. Topics include SSH programming with Paramiko, context managers and the with statement and an excellent explanation of Python’s threading support and the global interpreter lock.

# 5th February 2009, 11:10 pm / contextmanagers, gil, jesse-noller, paramiko, python, pythonmagazine, ssh, threads

ExpanDrive. Looks like this SFTP mounting application for OS X fixes the problems I’ve had with sshfs (which tends to freeze things up if you lose your network connection while using it).

# 4th March 2008, 7:32 pm / expandrive, john-gruber, sftp, ssh, sshfs

Net::SSH revisited (via) Dependency injection (at least in Ruby) officially isn’t cool any more.

# 1st August 2007, 10:42 am / assaf-arkin, dependencyinjection, jamis-buck, ruby, ssh

SSH ControlPath/ControlMaster. How to get OpenSSH v4 and above to re-use an existing SSH connection for multiple sessions, dramatically speeding up connection start times.

# 18th December 2006, 11:53 am / nick-burch, ssh, torchbox

Secure wireless email on Mac OS X. Doug Bowman’s tutorial on SSH Tunnel Manager and wireless security.

# 8th February 2005, 11:20 am / douglas-bowman, email, macos, security, ssh