MarkdownNotes/SSH Notes.md
2023-04-26 15:42:07 -04:00

# SSH Notes
## SSH Tunneling
### Local Forwarding
#### Examples
NOTE: these use autossh to prevent the tunnel from dying
Plex
```shell
autossh -f -nNT -p3141 -N -L 8080:192.168.0.209:32400 chawley@aristotle.planethawleywood.com
```
ESXi
```shell
autossh -f -nNT -p3141 -N -L 8090:192.168.0.208:443 chawley@aristotle.planethawleywood.com
```
Both ESXi and AWX
```shell
autossh -f -nNT -p3141 -N -L 8090:192.168.0.208:443 -L 8091:192.168.0.25:80 chawley@aristotle.planethawleywood.com
```
Both Plex and Derry OD
```shell
autossh -f -nNT -p3141 -N -L 8080:192.168.0.209:32400 -L 8070:192.168.0.209:80 chawley@aristotle.planethawleywood.com
```
---
<table>
<tr>
<td><strong>Protocol</strong>
</td>
<td>SSH
</td>
</tr>
<tr>
<td><strong>From</strong>
</td>
<td>my office workstation
</td>
</tr>
<tr>
<td><strong>To</strong>
</td>
<td>RRD Jumpbox (54.84.9.50)
</td>
</tr>
<tr>
<td><strong>Via</strong>
</td>
<td>chawley2@ladmin2
</td>
</tr>
<tr>
<td><strong>Notes</strong>
</td>
<td>I have the jumpbox host configured in <code>.ssh/config</code> on both machines
</td>
</tr>
<tr>
<td colspan="2" ><strong><code>ssh -N -L 8090:54.184.92.50:22 chawley2@ladmin2.precisiondm.com</code></strong>
</td>
</tr>
</table>
<table>
<tr>
<td><strong>Protocol</strong>
</td>
<td>web
</td>
</tr>
<tr>
<td><strong>From</strong>
</td>
<td>my office workstation
</td>
</tr>
<tr>
<td><strong>To</strong>
</td>
<td>Plex (derry)
</td>
</tr>
<tr>
<td><strong>Via</strong>
</td>
<td>chawley@aristotle
</td>
</tr>
<tr>
<td colspan="2" ><strong><code>ssh -p3141 -N -L 8080:192.168.0.209:32400 chawley@aristotle.planethawleywood.com</code></strong>
</td>
</tr>
</table>
### Remote Forwarding
NOTE: By default, OpenSSH only allows connecting to remote forwarded ports from the server host. However, the GatewayPorts option in the server configuration file sshd_config can be used to control this.
The following alternatives are possible:
```shell
GatewayPorts no
```
This prevents connecting to forwarded ports from outside the server computer.
```shell
GatewayPorts yes
```
This allows anyone to connect to the forwarded ports. If the server is on the public Internet, anyone on the Internet can connect to the port.
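The following check is an added example, not part of the original notes: it reports which `GatewayPorts` value is in effect in the global section of an sshd_config-style file, using sshd's rule that the first value obtained for a keyword wins. The function names and the sample config are constructed for illustration, and `clientspecified` is a third value OpenSSH accepts that the notes above do not cover.

```shell
#!/bin/sh
# Added example (not from the original notes): report the effective global
# GatewayPorts value in an sshd_config-style file. Simplification: Include
# files are not followed and parsing stops at the first Match block.

gatewayports_effective() {   # $1 = path to config file
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            sub(/[ \t]*=[ \t]*/, " ", line)      # "Keyword=value" form
            split(line, f, /[ \t]+/)
            kw = tolower(f[1])                   # keywords are case-insensitive
            if (kw == "match") exit              # global section is over
            if (kw == "gatewayports") {          # first value obtained wins
                print tolower(f[2]); found = 1; exit
            }
        }
        END { if (!found) print "no" }           # OpenSSH default
    ' "$1"
}

gatewayports_exposure() {    # $1 = path to config file
    case "$(gatewayports_effective "$1")" in
        yes)             echo "exposed" ;;          # binds to all interfaces
        clientspecified) echo "client-chosen" ;;    # ssh -R bind_address decides
        no)              echo "loopback-only" ;;    # server host only
        *)               echo "invalid" ;;
    esac
}

# Constructed sample: the second GatewayPorts line is ignored by sshd.
sample=$(mktemp)
printf '%s\n' '# constructed sample config' 'Port 22' \
    'gatewayports yes' 'GatewayPorts no' > "$sample"
echo "sample config: $(gatewayports_exposure "$sample")"
rm -f "$sample"
```

On a live server, `sshd -T` prints the configuration sshd actually resolves, including `Include` files, and is the authoritative source.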
#### Examples
<table>
<tr>
<td><strong>Protocol</strong>
</td>
<td>web
</td>
</tr>
<tr>
<td><strong>From</strong>
</td>
<td>derry
</td>
</tr>
<tr>
<td><strong>To</strong>
</td>
<td>overlook
</td>
</tr>
<tr>
<td><strong>Notes</strong>
</td>
<td>This allows you to access Apache web pages on derry by visiting <code>http://overlook.planethawleywood.com:8888</code> as long as <code>GatewayPorts yes</code> is present in <code>/etc/ssh/sshd_config</code> (as explained above) and port 8888 is open on Overlook
</td>
</tr>
<tr>
<td colspan="2" ><strong><code>ssh -R 8888:localhost:80 root@overlook</code></strong>
</td>
</tr>
</table>
### Reference
* [How To Use SSH Tunneling](https://www.howtogeek.com/168145/how-to-use-ssh-tunneling/)
* [SSH Port Forwarding Example](https://www.ssh.com/ssh/tunneling/example)
## Kill Unresponsive SSH
### Summary
Let's say you're happily typing in your remote shell when all of a sudden, the crappy Wi-Fi network you're using goes down. You end up with a perfectly unusable frozen shell, ugh!
To kill the frozen session, assuming you lost connectivity, press the following keys in order:
```shell
[Enter]
~
.
```
That is, the Return key, then tilde, then period.
This sends an escape sequence to your local SSH client and terminates the connection, so it always works, even without a network connection.
Here's the list of escape sequences:
### Supported escape sequences:
`~.` - terminate connection (and any multiplexed sessions) \
`~B` - send a BREAK to the remote system \
`~C` - open a command line \
`~R` - Request rekey (SSH protocol 2 only) \
`~^Z` - suspend ssh \
`~#` - list forwarded connections \
`~&` - background ssh (when waiting for connections to terminate) \
`~?` - this message \
`~~` - send the escape character by typing it twice \
\
(Note that escapes are only recognized immediately after newline.)
## SSH Keygen
### Generate an SSH Key with a comment
```shell
ssh-keygen -C "comment" -f <file>
```