MarkdownNotes/SSH Notes.md
2023-04-26 15:42:07 -04:00


SSH Notes

SSH Tunneling

Local Forwarding

Examples

NOTE: these use autossh to prevent the tunnel from dying

Plex

autossh -f -nNT -p3141 -N -L 8080:192.168.0.209:32400 chawley@aristotle.planethawleywood.com

ESXi

autossh -f -nNT -p3141 -N -L 8090:192.168.0.208:443 chawley@aristotle.planethawleywood.com

Both ESXi and AWX

autossh -f -nNT -p3141 -N -L 8090:192.168.0.208:443 -L 8091:192.168.0.25:80 chawley@aristotle.planethawleywood.com

Both Plex and Derry OD

autossh -f -nNT -p3141 -N -L 8080:192.168.0.209:32400 -L 8070:192.168.0.209:80 chawley@aristotle.planethawleywood.com

Protocol: SSH
From: my office workstation
To: RRD Jumpbox (54.84.9.50)
Via: chawley2@ladmin2
Notes: I have the jumpbox host configured in .ssh/config on both machines

ssh -N -L 8090:54.184.92.50:22 chawley2@ladmin2.precisiondm.com

Protocol: web
From: my office workstation
To: Plex (derry)
Via: chawley@aristotle

ssh -p3141 -N -L 8080:192.168.0.209:32400 chawley@aristotle.planethawleywood.com

Remote Forwarding

NOTE: By default, OpenSSH only allows connecting to remote forwarded ports from the server host. However, the GatewayPorts option in the server configuration file sshd_config can be used to control this.

The following alternatives are possible:

GatewayPorts no

This prevents connecting to forwarded ports from outside the server computer.

GatewayPorts yes

This allows anyone to connect to the forwarded ports. If the server is on the public Internet, anyone on the Internet can connect to the port.
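The following is an added example, not part of the original notes: a POSIX shell check that reads sshd_config text and reports which GatewayPorts value applies globally, plus any values set inside Match blocks. It goes beyond the two values listed above by also recognizing `clientspecified`; the function names and the sample configuration are constructed for illustration, and Include files are assumed not to be in use.

```shell
#!/bin/sh
# Added example: determine the effective GatewayPorts setting from sshd_config text.
# Reads the configuration on stdin. Assumptions: Include directives are not
# followed, and only whole-line comments are handled.

# usage: gatewayports_scan global|match  < sshd_config
gatewayports_scan() {
    awk -v mode="$1" '
        /^[ \t]*#/ { next }                          # skip comment lines
        { sub(/^[ \t]+/, "") }                       # trim leading whitespace
        $0 == "" { next }                            # skip blank lines
        { split($0, f, /[ \t=]+/); key = tolower(f[1]) }  # "Key value" or "Key=value"
        key == "match" { in_match = 1; ctx = $0; next }   # later lines are conditional
        key != "gatewayports" { next }
        { val = tolower(f[2]); gsub(/"/, "", val) }
        !in_match && global == "" { global = val }   # first value read wins
        in_match && mode == "match" { print val " (" ctx ")" }
        END { if (mode == "global") print (global == "" ? "no" : global) }
    '
}

# Translate the global value into where remote-forwarded ports are reachable.
forward_exposure() {
    case "$(gatewayports_scan global)" in
        no)              echo "loopback-only" ;;
        yes)             echo "all-interfaces" ;;
        clientspecified) echo "client-chooses-bind-address" ;;
        *)               echo "unrecognized" ;;
    esac
}

# Constructed sample configuration (not taken from any real host).
SAMPLE_CONFIG='Port 22
#GatewayPorts yes
gatewayports no
GatewayPorts yes
Match User tunnel
    GatewayPorts clientspecified'

printf '%s\n' "$SAMPLE_CONFIG" | forward_exposure
printf '%s\n' "$SAMPLE_CONFIG" | gatewayports_scan match
```

On a live server, `sshd -T` prints the configuration sshd actually resolves, including Include files, and is the authoritative check.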

Examples

Protocol: web
From: derry
To: overlook
Notes: This allows you to access Apache web pages on derry by visiting http://overlook.planethawleywood.com:8888 as long as GatewayPorts yes is present in /etc/ssh/sshd_config (as explained above) and port 8888 is open on Overlook

ssh -R 8888:localhost:80 root@overlook

Reference

Kill Unresponsive SSH

Summary

Let's say you're happily typing in your remote shell when all of a sudden, the crappy Wi-Fi network you're using goes down. You end up with a perfectly unusable frozen shell, ugh!

To kill the frozen session, assuming you lost connectivity, press the following keys in this order:

[Enter]
~
.

That is, <return key> then tilde then period

This sends an escape sequence to your local SSH client and terminates the connection, so it always works, even without a network connection.

Here's the list of escape sequences:

Supported escape sequences:

~. - terminate connection (and any multiplexed sessions)
~B - send a BREAK to the remote system
~C - open a command line
~R - Request rekey (SSH protocol 2 only)
~^Z - suspend ssh
~# - list forwarded connections
~& - background ssh (when waiting for connections to terminate)
~? - this message
~~ - send the escape character by typing it twice

(Note that escapes are only recognized immediately after newline.)

SSH Keygen

Generate an SSH Key with a comment

ssh-keygen -C "comment" -f <file>