SSH for Linux Tasks
many useful tasks that can be done over SSH. unfortunately, most windoze networks block port 22.
Mostly stuff we already know - but you can build ssh tunnels. This allows you to access services locally that originate from another computer or server.
This capability enables you to bypass local DNS filtering (by routing DNS queries through the SSH tunnel instead of to the network's default DNS).
It also allows you to access servers on a private network, from a remote location.
Create ssh tunnel
You need ssh on both the client and server side. You'll run an SSH server on the server side, and connect to it with an SSH client on the client side.
From the client, you'll connect to the server with the ssh command, but with some additional flags that create the SSH tunnel:
ssh -L <local-port>:localhost:<remote-port> firstname.lastname@example.org
Here is what the syntax means:
to forward port 8001 on my local machine, the client, to port 8000 on the remote machine, the server, at IP address 10.1.1.101, I will run the following ssh command:
ssh -L 8001:localhost:8000 email@example.com
create ssh tunnel through gateway node
suppose we have a gateway node, that is, a device that is able to access two different networks, one private and one public. in practice, this would be a publicly available server on a private network.
Suppose we are sitting at a remote computer, and we want to access a computer inside of a private network at 10.5.5.2.
We can access a gateway node, which has a public ip address of 126.96.36.199 and is also connected to the private network at 10.5.5.3.
From the remote computer, we can ssh into 188.8.131.52, and set up the SSH tunnel to forward a port from the the computer we want to access, at 10.5.5.2, through to the computer at 184.108.40.206, and on back to the remote computer.
If we want to forward port 8000 on the computer inside the private network at 10.5.5.2 through the gateway node and on to port 8001 on our remote machine, we would execute the following ssh command:
$ ssh -L 8001:10.5.5.2:8000 firstname.lastname@example.org
This will connect to 220.127.116.11 with username, and will then connect to 10.5.5.2.
Now port localhost:8001 on the remote machine will forward to 10.5.5.2:8000
You can configure ssh by editing system-wide configuration files (affects everyone) or user-specific files (affect only you).
User-specific ssh configuration
User specific configuration file for ssh is located in
Example of file defining several hosts with fixed IP addresses:
Host dummy Hostname 18.104.22.168 Port 22 User foobar Host dada Hostname 22.214.171.124 Port 20 User stein
These entries can be modified to add a server alive interval, which specifies an interval at which to send a keep alive packet to keep your connection alive.
Host dummy ServerAliveInterval 60 Hostname 126.96.36.199 Port 22 User foobar
to set keep alive interval for all hosts:
Host * ServerAliveInterval 60
System ssh configuration
To change ssh config for whole system, use files at
/etc/ssh/ssh_config - just config for clients /etc/ssh/ssh_config - config for everything\
mosh = mobile shell
keeps your session alive even if connection drops
apt-get install mosh
works just like ssh:
$ mosh email@example.com
$ mosh -p 2332 firstname.lastname@example.org
sshsecure shell, the most useful tool in unix
Building SSH tunnels: SSH Tunnels
Tunnel SSH through HTTPS: Stunnel
Tunnel SSH through DNS: Iodine
Raspberry Pi and SSH:
Linux and SSH:
Flags · Template:SSHFlag · e
Networkingpages and notes about computer networks.
Man in the Middle attack vectors on wired networks: Man in the Middle/Wired
Packet analysis with Wireshark: Packet Analysis
Linux networking: Linux/Networking
Using Aircrack: Aircrack
Many Ways to Crack a Wifi: Cracking Wifi
Notes on OpenVPN: OpenVPN
Setting Up a Static Key VPN: OpenVPN/Static Key
IP Version 6: IPv6
Flags · Template:NetworkingFlag · e