Ssh

From Igor personal wiki
Jump to: navigation, search

My ssh config file: 

Host *
#  ServerAliveInterval 60 

#======= Cloud servers


Host igor.amazon
        HostName 15.24.16.168
        User ec2-user
        IdentityFile /.ssh/amazon.pem
        LocalForward 8080 localhost:80
        DynamicForward localhost:3128
        ServerAliveInterval 60
#======= Company servers

#MTL
Host yul*
        User Thor

SSH SOCKS proxy:

in config file 

Host IP
DynamicForward localhost:3128

in command line 

ssh -D 2001 user@host.com

SSH dynamic tunneling through FW 

Host YOUR_JUMPOFF_SERVER
DynamicForward localhost:3128

Host *.YOUR_INTERNAL_SERVERS
ProxyCommand /usr/bin/nc -x localhost:3128 %h %p

Local port forward for anyone at home net !

If you want other people on your home subnet to be able to reach the machine at work by SSH, add the option -g : 

$ ssh user@work.example.org -L 10000:172.16.10.10:22 -g

We now see the service is available on all interfaces on your home computer, available for anyone to connect to on the local subnet : 

$ netstat -tunelp | grep 10000
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 1000 72265 12543/ssh

SSH -key regeneration

convert Putty public key to OpenSSH format 

ssh-keygen -i -f user.pub

Generate public key from private 

ssh-keygen -y -f /path/to/private/key
Retrieved from "http://wiki.it-security.ca/404.html"