Changes

Linux: SSH (view source)

Revision as of 14:51, 12 March 2019

174 bytes added , 14:51, 12 March 2019

m

→‎ssh tunneling

Line 35: Line 35:

<source lang="bash">ssh -N -L localport:remotehost:remoteport remoteuser@remotehost

ssh ip_maq_intermedia -L puerto_local_kali:ip_destino_real:puerto_remoto

−

ssh ~~news~~.~~menupayapp~~.com -NL 5432:~~fsim~~-dbpg.c9hdfwhhklwy.eu-central-1.rds.amazonaws.com:5432</source>

+

ssh www.intermediate.com -NL 5432:fesfe-dbpg.c9hdfwhhklwy.eu-central-1.rds.amazonaws.com:5432</source>

Example:

Line 44: Line 44:

===Check/close open tunnels===

−

netstat -n --protocol inet | grep ':22'

+

netstat -n --protocol inet | grep ':22'

−

sudo lsof -i -n | egrep '\<ssh\>'

+

sudo lsof -i -n | egrep '\<ssh\>'

−

sudo lsof -i -n | egrep '\<sshd\>'</nowiki>

+

sudo lsof -i -n | egrep '\<sshd\>'</nowiki>

'''To close open tunnels'''<br />

Line 90: Line 90:

===$HOME/.ssh/config===

<nowiki>Host morpheus

−

IdentityFile ~/.ssh/Trinity.pub

+

IdentityFile ~/.ssh/Trinity.pub

−

User rafa

+

User rafa

−

port 10535

+

port 10535

−

+

−

=== $WORK/.ssh/config ===

+

=== $WORK/.ssh/config ===

−

Host flirt

+

Host flirt

−

IdentityFile ~/.ssh/Trinity.pub

+

IdentityFile ~/.ssh/Trinity.pub

−

User rafa

+

User rafa

−

port 10536</nowiki>

+

port 10536</nowiki>

(connections config)

<nowiki>Host fpsim-frontend

−

IdentityFile ~/.ssh/DNC-FKY.pem

+

IdentityFile ~/.ssh/DNC-FKY.pem

−

+

−

Host *

+

Host *

−

ServerAliveInterval 30

+

ServerAliveInterval 30

−

ServerAliveCountMax 2

+

ServerAliveCountMax 2

−

+

−

Host mi6.rra.lan

+

Host mi6.rra.lan

−

IdentityFile ~/.ssh/rra_fake.pem

+

IdentityFile ~/.ssh/rra_fake.pem

−

User rra

+

User rra

−

+

−

Host leaks.rra.lan

+

Host leaks.rra.lan

−

IdentityFile ~/.ssh/rt_rsa

+

IdentityFile ~/.ssh/rt_rsa

−

User xe50582

+

User xe50582

−

+

−

Host news.menupayapp.com

+

Host news.menupayapp.com

−

IdentityFile ~/.ssh/rra_id.pem

+

IdentityFile ~/.ssh/rra_id.pem

−

User ubuntu

+

User ubuntu

−

+

−

Host 20.1.40.109

+

Host 20.1.40.109

−

IdentityFile ~/.ssh/rt_rsa

+

IdentityFile ~/.ssh/rt_rsa

−

User rra

+

User rra

−

+

−

Host gitrra.dyndns.org

+

Host gitrra.dyndns.org

−

IdentityFile ~/.ssh/DNC-FKY.pem

+

IdentityFile ~/.ssh/DNC-FKY.pem

−

User ubuntu

+

User ubuntu

−

+

−

Host mapper1

+

Host mapper1

−

IdentityFile ~/.ssh/id_rsa

+

IdentityFile ~/.ssh/id_rsa

−

HostName WF00MPA1.igrupobbva

+

HostName WF00MPA1.igrupobbva

−

User pi

+

User pi

−

+

−

Host mapper2

+

Host mapper2

−

IdentityFile ~/.ssh/id_rsa

+

IdentityFile ~/.ssh/id_rsa

−

HostName WF00MPA2.igrupobbva

+

HostName WF00MPA2.igrupobbva

−

User pi

+

User pi

−

+

−

+

−

+

−

# LEAVE THIS ONES AT THE BOTTOM (WILDCHARS) First match will be used

+

# LEAVE THIS ONES AT THE BOTTOM (WILDCHARS) First match will be used

−

Host 20.1.40.*

+

Host 20.1.40.*

−

IdentityFile ~/.ssh/rt_rsa

+

IdentityFile ~/.ssh/rt_rsa

−

User xe50582

+

User xe50582

−

+

−

Host *.rra.lan

+

Host *.rra.lan

−

IdentityFile ~/.ssh/rt_rsa

+

IdentityFile ~/.ssh/rt_rsa

−

User xe50582

+

User xe50582

−

+

−

+

−

Host 10.255.0.*

+

Host 10.255.0.*

−

IdentityFile ~/.ssh/rt_rsa

+

IdentityFile ~/.ssh/rt_rsa

−

User xe50582</nowiki>

+

User xe50582</nowiki>

==LDAP ldapkeyfile==

Line 178: Line 178:

create file: /home/user/.ssh/config with the following content: (client side) chmod 600

−

Host *

+

Host *

−

ServerAliveInterval 60

+

ServerAliveInterval 60

−

ServerAliveCountMax 2</nowiki>

+

ServerAliveCountMax 2</nowiki>

For each user, or ading to /etc/ssh/ssh_config

ServerAliveInterval 60

Line 191: Line 191:

2:

−

echo 60 > /proc/sys/net/ipv4/tcp_keepalive_time</nowiki>

+

echo 60 > /proc/sys/net/ipv4/tcp_keepalive_time</nowiki>

Shell script to reconnect on broken pipe:

Line 243: Line 243:

===Work===

<nowiki>Host fpsim-frontend

−

IdentityFile ~/.ssh/DNC-FKY.pem

+

IdentityFile ~/.ssh/DNC-FKY.pem

−

User ubuntu

+

User ubuntu

−

Host *

+

Host *

−

ServerAliveInterval 30

+

ServerAliveInterval 30

−

ServerAliveCountMax 2

+

ServerAliveCountMax 2

−

+

−

Host 10.255.0.*

+

Host 10.255.0.*

−

IdentityFile ~/.ssh/rt_rsa

+

IdentityFile ~/.ssh/rt_rsa

−

User xe50582

+

User xe50582

−

+

−

Host leaks.rra.lan

+

Host leaks.rra.lan

−

IdentityFile ~/.ssh/rt_rsa

+

IdentityFile ~/.ssh/rt_rsa

−

User xe50582

+

User xe50582

−

+

−

Host news.menupayapp.com

+

Host news.menupayapp.com

−

IdentityFile ~/.ssh/rra_id.pem

+

IdentityFile ~/.ssh/rra_id.pem

−

User ubuntu

+

User ubuntu

−

+

−

Host 20.1.40.109

+

Host 20.1.40.109

−

IdentityFile ~/.ssh/rt_rsa

+

IdentityFile ~/.ssh/rt_rsa

−

User rra

+

User rra

−

+

−

Host 20.1.40.*

+

Host 20.1.40.*

−

IdentityFile ~/.ssh/rt_rsa

+

IdentityFile ~/.ssh/rt_rsa

−

User xe50582

+

User xe50582

−

+

−

+

−

Host pdgrt.rra.lan

+

Host pdgrt.rra.lan

−

User rra

+

User rra

−

+

−

+

−

host geoip.dyndns.org

+

host geoip.dyndns.org

−

IdentityFile ~/.ssh/rra_springfield.pem

+

IdentityFile ~/.ssh/rra_springfield.pem

−

User ubuntu

+

User ubuntu

−

+

−

host rrafara.dyndns.org

+

host rrafara.dyndns.org

−

IdentityFile ~/.ssh/DNC.pem

+

IdentityFile ~/.ssh/DNC.pem

−

User ubuntu

+

User ubuntu

−

+

−

host deathnote.rra.lan

+

host deathnote.rra.lan

−

User rra

+

User rra

−

+

−

host savvius.rra.lan

+

host savvius.rra.lan

−

User root

+

User root

−

+

−

+

−

Host *.rra.lan

+

Host *.rra.lan

−

# IdentityFile ~/.ssh/rt_rsa

+

# IdentityFile ~/.ssh/rt_rsa

−

User xe50582

+

User xe50582

−

+

−

+

−

Host 10.255.0.32

+

Host 10.255.0.32

−

IdentityFile ~/.ssh/rra_fake.pem

+

IdentityFile ~/.ssh/rra_fake.pem

−

user rra

+

user rra

−

+

−

Host aws-gitlab

+

Host aws-gitlab

−

IdentityFile ~/.ssh/DNC-FKY.pem

+

IdentityFile ~/.ssh/DNC-FKY.pem

−

User ubuntu

+

User ubuntu

−

</nowiki>

+

</nowiki>

===Trinity===

<nowiki>Host *.herrerosolis.com

−

IdentityFile ~/.ssh/whispers.pem

+

IdentityFile ~/.ssh/whispers.pem

−

User ubuntu

+

User ubuntu

−

+

−

Host geoip.dyndns.org

+

Host geoip.dyndns.org

−

IdentityFile /media/rafa/secrets/.ssh/rra_springfield

+

IdentityFile /media/rafa/secrets/.ssh/rra_springfield

−

User ubuntu

+

User ubuntu

−

+

−

Host morpheus

+

Host morpheus

−

IdentityFile ~/.ssh/Trinity.pub

+

IdentityFile ~/.ssh/Trinity.pub

−

User rafa

+

User rafa

−

Port 10535

+

Port 10535

−

+

−

Host flirt

+

Host flirt

−

IdentityFile ~/.ssh/Trinity.pub

+

IdentityFile ~/.ssh/Trinity.pub

−

User rafa

+

User rafa

−

Port 10536

+

Port 10536

−

+

−

Host kodi

+

Host kodi

−

User root

+

User root

−

PreferredAuthentications password

+

PreferredAuthentications password

−

PubkeyAuthentication no

+

PubkeyAuthentication no

−

+

−

+

−

#Host bitbucket.org

+

#Host bitbucket.org

−

# IdentityFile ~/.ssh/cpc_bitbucket

+

# IdentityFile ~/.ssh/cpc_bitbucket

−

+

−

Host peibol.duckdns.org

+

Host peibol.duckdns.org

−

User ubuntu

+

User ubuntu

−

IdentityFile ~/.ssh/Trinity

+

IdentityFile ~/.ssh/Trinity

−

+

−

Host lightning01

+

Host lightning01

−

User pi

+

User pi

−

IdentityFile ~/.ssh/Trinity

+

IdentityFile ~/.ssh/Trinity

−

+

−

Host scripting-ssii.rra.lan

+

Host scripting-ssii.rra.lan

−

User rra

+

User rra

−

+

−

Host *.rra.lan

+

Host *.rra.lan

−

User xe50582

+

User xe50582

−

+

−

Host felixnomada.duckdns.org

+

Host felixnomada.duckdns.org

−

User ubuntu

+

User ubuntu

−

IdentityFile ~/.ssh/felixInteractions.pem

+

IdentityFile ~/.ssh/felixInteractions.pem

−

+

−

Host bitbucket.org

+

Host bitbucket.org

−

IdentityFile ~/.ssh/bitbucket</nowiki>

+

IdentityFile ~/.ssh/bitbucket</nowiki>

Rafahsolis

Bureaucrats, Administrators

2,306

edits

Changes

Linux: SSH (view source)

Revision as of 14:51, 12 March 2019

Navigation menu

Search