From charlesreid1


Revision as of 06:36, 13 March 2016

SSH for Linux Tasks

Many useful tasks can be done over SSH. Unfortunately, most windoze networks block port 22.

SSH tunnels

Mostly stuff we already know - but you can build ssh tunnels. This allows you to access services locally that originate from another computer or server.

This capability enables you to bypass local DNS filtering (by routing DNS queries through the SSH tunnel instead of to the network's default DNS).

It also allows you to access servers on a private network, from a remote location.

Create ssh tunnel

You need ssh on both the client and server side. You'll run an SSH server on the server side, and connect to it with an SSH client on the client side.

From the client, you'll connect to the server with the ssh command, but with some additional flags that create the SSH tunnel: ssh -L <local-port>:localhost:<remote-port> username@10.1.1.101

Here is what the syntax means:

To forward port 8001 on my local machine, the client, to port 8000 on the remote machine, the server, at IP address 10.1.1.101, I will run the following ssh command:

ssh -L 8001:localhost:8000 username@10.1.1.101

Create ssh tunnel through gateway node

Suppose we have a gateway node, that is, a device that is able to access two different networks, one private and one public. In practice, this would be a publicly available server on a private network.

Suppose we are sitting at a remote computer, and we want to access a computer inside of a private network at 10.5.5.2.

We can access a gateway node, which has a public IP address of 1.2.3.4 and is also connected to the private network at 10.5.5.3.

From the remote computer, we can ssh into 1.2.3.4 and set up the SSH tunnel to forward a port from the computer we want to access, at 10.5.5.2, through the computer at 1.2.3.4, and on back to the remote computer.

If we want to forward port 8000 on the computer inside the private network at 10.5.5.2 through the gateway node and on to port 8001 on our remote machine, we would execute the following ssh command:

$ ssh -L 8001:10.5.5.2:8000 username@1.2.3.4

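This will log in to 1.2.3.4 as username, and the gateway will then connect to 10.5.5.2 on our behalf. Only the leg between our machine and 1.2.3.4 travels inside SSH; the hop from the gateway to 10.5.5.2 is an ordinary connection on the private network.

Now port localhost:8001 on the remote machine (the one we are sitting at) will forward to 10.5.5.2:8000.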
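To make the -L syntax from "Create ssh tunnel" and the gateway example concrete, the following added example (not from the original page) decodes a forwarding spec of the form [bind_address:]port:host:hostport and reports whether the listening side is limited to loopback or reachable from the network. The function names explain_forward and valid_port and the wildcard sample spec are assumptions made for illustration; bracketed IPv6 addresses are not handled.

```bash
# Added example: decode an `ssh -L` spec, [bind_address:]port:host:hostport.
# Function names are hypothetical; IPv6 literals in brackets are out of scope.

# Succeeds only for a decimal TCP port in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Prints: listen=<addr>:<port> dest=<host>:<port> exposure=<class>
# Returns 1 if the spec is malformed.
explain_forward() {
    local spec="$1" bind=localhost rest lport host hport exposure
    case "$spec" in
        *:*:*:*:*) return 1 ;;                        # too many fields
        *:*:*:*)   bind="${spec%%:*}"; rest="${spec#*:}" ;;
        *:*:*)     rest="$spec" ;;                    # bind address omitted
        *)         return 1 ;;
    esac
    lport="${rest%%:*}"; rest="${rest#*:}"
    host="${rest%%:*}";  hport="${rest#*:}"
    valid_port "$lport" && valid_port "$hport" && [ -n "$host" ] || return 1
    # With no bind address, ssh listens on loopback unless GatewayPorts
    # is enabled in the client configuration.
    case "$bind" in
        localhost|127.*) exposure=loopback ;;
        ''|'*'|0.0.0.0)  bind='*'; exposure=all-interfaces ;;
        *)               exposure=network ;;
    esac
    # dest is resolved and connected to by the SSH server, so "localhost"
    # there means the server itself, not the client.
    printf 'listen=%s:%s dest=%s:%s exposure=%s\n' \
        "$bind" "$lport" "$host" "$hport" "$exposure"
}

explain_forward 8001:localhost:8000       # the first command on this page
explain_forward 8001:10.5.5.2:8000        # the gateway command on this page
explain_forward '*:8001:10.5.5.2:8000'    # constructed sample: wildcard bind
```

An all-interfaces or network result means anyone who can reach that port on the client can reach the private service through the tunnel, so the loopback form used on this page is the one to prefer.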

References

"Mastering Linux"