2,306
edits
Changes
Jump to navigation
Jump to search
mLine 44:
Line 44: − netstat -n --protocol inet | grep ':22'+ − sudo lsof -i -n | egrep '\<ssh\>'+ − sudo lsof -i -n | egrep '\<sshd\>'</nowiki>+ Line 90:
Line 90: − IdentityFile ~/.ssh/Trinity.pub+ − User rafa+ − port 10535+ − + − === $WORK/.ssh/config ===+ − Host flirt+ − IdentityFile ~/.ssh/Trinity.pub+ − User rafa+ − port 10536</nowiki>+ − IdentityFile ~/.ssh/DNC-FKY.pem+ − + − Host *+ − ServerAliveInterval 30+ − ServerAliveCountMax 2+ − + − Host mi6.rra.lan+ − IdentityFile ~/.ssh/rra_fake.pem+ − User rra+ − + − Host leaks.rra.lan+ − IdentityFile ~/.ssh/rt_rsa+ − User xe50582+ − + − Host news.menupayapp.com+ − IdentityFile ~/.ssh/rra_id.pem+ − User ubuntu+ − + − Host 20.1.40.109+ − IdentityFile ~/.ssh/rt_rsa+ − User rra+ − + − Host gitrra.dyndns.org+ − IdentityFile ~/.ssh/DNC-FKY.pem+ − User ubuntu+ − + − Host mapper1+ − IdentityFile ~/.ssh/id_rsa+ − HostName WF00MPA1.igrupobbva+ − User pi+ − + − Host mapper2+ − IdentityFile ~/.ssh/id_rsa+ − HostName WF00MPA2.igrupobbva+ − User pi+ − + − + − + − # LEAVE THIS ONES AT THE BOTTOM (WILDCHARS) First match will be used + − Host 20.1.40.*+ − IdentityFile ~/.ssh/rt_rsa+ − User xe50582+ − + − Host *.rra.lan+ − IdentityFile ~/.ssh/rt_rsa+ − User xe50582+ − + − + − Host 10.255.0.*+ − IdentityFile ~/.ssh/rt_rsa+ − User xe50582</nowiki>+ Line 178:
Line 178: − Host *+ − ServerAliveInterval 60+ − ServerAliveCountMax 2</nowiki>+ Line 191:
Line 191: − echo 60 > /proc/sys/net/ipv4/tcp_keepalive_time</nowiki>+ Line 246:
Line 246: − + Line 253:
Line 253: − IdentityFile ~/.ssh/DNC-FKY.pem+ − User ubuntu+ − Host *+ − ServerAliveInterval 30+ − ServerAliveCountMax 2+ − + − Host 10.255.0.*+ − IdentityFile ~/.ssh/rt_rsa+ − User xe50582+ − + − Host leaks.rra.lan+ − IdentityFile ~/.ssh/rt_rsa+ − User xe50582+ − + − Host news.menupayapp.com+ − IdentityFile ~/.ssh/rra_id.pem+ − User ubuntu+ − + − Host 20.1.40.109+ − IdentityFile ~/.ssh/rt_rsa+ − User rra+ − + − Host 20.1.40.*+ − IdentityFile ~/.ssh/rt_rsa+ − User xe50582+ − + − + − Host pdgrt.rra.lan+ − User rra+ − + − + − host geoip.dyndns.org+ − IdentityFile ~/.ssh/rra_springfield.pem+ − User ubuntu+ − + − host rrafara.dyndns.org+ − IdentityFile ~/.ssh/DNC.pem+ − User ubuntu+ − + − host deathnote.rra.lan+ − User rra+ − + − host savvius.rra.lan+ − User root+ − + − + − Host *.rra.lan+ − # IdentityFile ~/.ssh/rt_rsa+ − User xe50582+ − + − + − Host 10.255.0.32+ − IdentityFile ~/.ssh/rra_fake.pem+ − user rra+ − + − Host aws-gitlab+ − IdentityFile ~/.ssh/DNC-FKY.pem+ − User ubuntu+ − </nowiki>+ − <nowiki>Host *.herrerosolis.com+ − IdentityFile ~/.ssh/whispers.pem+ − User ubuntu+ − + − Host geoip.dyndns.org+ − IdentityFile /media/rafa/secrets/.ssh/rra_springfield+ − User ubuntu+ − + − Host morpheus+ − IdentityFile ~/.ssh/Trinity.pub+ − User rafa+ − Port 10535+ − + − Host flirt+ − IdentityFile ~/.ssh/Trinity.pub+ − User rafa+ − Port 10536+ − + − Host kodi+ − User root+ − PreferredAuthentications password+ − PubkeyAuthentication no+ − + − + − #Host bitbucket.org+ − # IdentityFile ~/.ssh/cpc_bitbucket+ − + − Host peibol.duckdns.org+ − User ubuntu+ − IdentityFile ~/.ssh/Trinity+ − + − Host lightning01+ − User pi+ − IdentityFile ~/.ssh/Trinity+ − + − Host scripting-ssii.rra.lan+ − User rra+ − + − Host *.rra.lan+ − User xe50582+ − + − Host felixnomada.duckdns.org+ − User ubuntu+ − IdentityFile ~/.ssh/felixInteractions.pem+ − + − Host bitbucket.org+ − IdentityFile ~/.ssh/bitbucket</nowiki>+ + + + + + + + + + + + + + + + + + + + + +
→Trinity
===Check/close open tunnels===
===Check/close open tunnels===
<nowiki>
<nowiki>
netstat -n --protocol inet | grep ':22'
sudo lsof -i -n | egrep '\<ssh\>'
sudo lsof -i -n | egrep '\<sshd\>'</nowiki>
'''To close open tunnels'''<br />
'''To close open tunnels'''<br />
===$HOME/.ssh/config===
===$HOME/.ssh/config===
<nowiki>Host morpheus
<nowiki>Host morpheus
IdentityFile ~/.ssh/Trinity.pub
User rafa
port 10535
=== $WORK/.ssh/config ===
Host flirt
IdentityFile ~/.ssh/Trinity.pub
User rafa
port 10536</nowiki>
(connections config)
(connections config)
<nowiki>Host fpsim-frontend
<nowiki>Host fpsim-frontend
IdentityFile ~/.ssh/DNC-FKY.pem
Host *
ServerAliveInterval 30
ServerAliveCountMax 2
Host mi6.rra.lan
IdentityFile ~/.ssh/rra_fake.pem
User rra
Host leaks.rra.lan
IdentityFile ~/.ssh/rt_rsa
User xe50582
Host news.menupayapp.com
IdentityFile ~/.ssh/rra_id.pem
User ubuntu
Host 20.1.40.109
IdentityFile ~/.ssh/rt_rsa
User rra
Host gitrra.dyndns.org
IdentityFile ~/.ssh/DNC-FKY.pem
User ubuntu
Host mapper1
IdentityFile ~/.ssh/id_rsa
HostName WF00MPA1.igrupobbva
User pi
Host mapper2
IdentityFile ~/.ssh/id_rsa
HostName WF00MPA2.igrupobbva
User pi
# LEAVE THIS ONES AT THE BOTTOM (WILDCHARS) First match will be used
Host 20.1.40.*
IdentityFile ~/.ssh/rt_rsa
User xe50582
Host *.rra.lan
IdentityFile ~/.ssh/rt_rsa
User xe50582
Host 10.255.0.*
IdentityFile ~/.ssh/rt_rsa
User xe50582</nowiki>
==LDAP ldapkeyfile==
==LDAP ldapkeyfile==
create file: /home/user/.ssh/config with the following content: (client side) chmod 600
create file: /home/user/.ssh/config with the following content: (client side) chmod 600
<nowiki>
<nowiki>
Host *
ServerAliveInterval 60
ServerAliveCountMax 2</nowiki>
For each user, or ading to /etc/ssh/ssh_config
For each user, or ading to /etc/ssh/ssh_config
ServerAliveInterval 60
ServerAliveInterval 60
2:
2:
<nowiki>
<nowiki>
echo 60 > /proc/sys/net/ipv4/tcp_keepalive_time</nowiki>
Shell script to reconnect on broken pipe:
Shell script to reconnect on broken pipe:
Path ~/.ssh/config
Path ~/.ssh/config
== Kill User sessions ==
==Kill User sessions==
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
ps aux | grep xe84049 | grep sshd | awk '{print $2}' | xargs -n 1 sudo kill -9
ps aux | grep xe84049 | grep sshd | awk '{print $2}' | xargs -n 1 sudo kill -9
===Work===
===Work===
<nowiki>Host fpsim-frontend
<nowiki>Host fpsim-frontend
IdentityFile ~/.ssh/DNC-FKY.pem
User ubuntu
Host *
ServerAliveInterval 30
ServerAliveCountMax 2
Host 10.255.0.*
IdentityFile ~/.ssh/rt_rsa
User xe50582
Host leaks.rra.lan
IdentityFile ~/.ssh/rt_rsa
User xe50582
Host news.menupayapp.com
IdentityFile ~/.ssh/rra_id.pem
User ubuntu
Host 20.1.40.109
IdentityFile ~/.ssh/rt_rsa
User rra
Host 20.1.40.*
IdentityFile ~/.ssh/rt_rsa
User xe50582
Host pdgrt.rra.lan
User rra
host geoip.dyndns.org
IdentityFile ~/.ssh/rra_springfield.pem
User ubuntu
host rrafara.dyndns.org
IdentityFile ~/.ssh/DNC.pem
User ubuntu
host deathnote.rra.lan
User rra
host savvius.rra.lan
User root
Host *.rra.lan
# IdentityFile ~/.ssh/rt_rsa
User xe50582
Host 10.255.0.32
IdentityFile ~/.ssh/rra_fake.pem
user rra
Host aws-gitlab
IdentityFile ~/.ssh/DNC-FKY.pem
User ubuntu
</nowiki>
===Trinity===
===Trinity===
<syntaxhighlight lang="bash">
PreferredAuthentications password
PubkeyAuthentication no
Host *.herrerosolis.com
IdentityFile ~/.ssh/whispers.pem
User ubuntu
Host herrerosolis.com
IdentityFile ~/.ssh/whispers.pem
User ubuntu
Host git.herrerosolis.com
IdentityFile ~/.ssh/whispers.pem
User ubuntu
Host geoip.dyndns.org
IdentityFile /media/rafa/secrets/.ssh/rra_springfield
User ubuntu
Host morpheus.lan
IdentityFile ~/.ssh/Trinity.pub
User rafa
Port 10535
Host flirt
IdentityFile ~/.ssh/Trinity.pub
User rafa
Port 10536
Host pivpn*
IdentityFile ~/.ssh/Trinity.pub
User pi
Host kodi.lan
User root
PreferredAuthentications password
PubkeyAuthentication no
Host libreelec.lan
User root
PreferredAuthentications password
PubkeyAuthentication no
#Host bitbucket.org
# IdentityFile ~/.ssh/cpc_bitbucket
Host peibol.duckdns.org
User ubuntu
IdentityFile ~/.ssh/Trinity
Host lightning01
User pi
IdentityFile ~/.ssh/Trinity
Host scripting-ssii.rra.lan
User rra
Host *.rra.lan
User xe50582
Host felixnomada.duckdns.org
User ubuntu
IdentityFile ~/.ssh/felixInteractions.pem
Host bitbucket.org
IdentityFile ~/.ssh/bitbucket
</syntaxhighlight>