First version ssh tricks
This commit is contained in:
parent
0f851f0c3d
commit
3c1d998976
20
blog/2019-02-13-ssh-tricks.markdown
Normal file
20
blog/2019-02-13-ssh-tricks.markdown
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
---
|
||||||
|
layout: post
|
||||||
|
title: "SSH Tricks"
|
||||||
|
date: 2019-02-13
|
||||||
|
comments: true
|
||||||
|
tags: ssh, shell
|
||||||
|
---
|
||||||
|
|
||||||
|
SSH is omnipresent, and more or less standard in connecting to remove machines. [Even windows is shipping it](https://www.howtogeek.com/336775/how-to-enable-and-use-windows-10s-built-in-ssh-commands/). These are some less known (IMHO), but cool SSH features.
|
||||||
|
|
||||||
|
This is more of a whats possible list, rather how to though.
|
||||||
|
|
||||||
|
1. If you have to ssh to machines only accessible from another control machine, try `-J` flag. `ssh -J control_machine actual_machine` (more details `man ssh`)
|
||||||
|
1. GnuPG keys can also be your ssh key: There is no reason to maintain two sets of keys, you can use your gpg keys are ssh keys. [Arch wiki has a nice explanation](https://wiki.archlinux.org/index.php/GnuPG#SSH_agent).
|
||||||
|
1. If you do use gpg keys, you can store them on a [Yubikey](https://www.yubico.com/) or any supported hardware keys. This ensures your keys are accessible only when they are plugged it, quite useful if you move around computers a lot.
|
||||||
|
1. You can shorten your complicated ssh commands by adding an entry in `~/.ssh/config` file. more [details](https://www.cyberciti.biz/faq/create-ssh-config-file-on-linux-unix/) (also see `man ssh_config`)
|
||||||
|
1. If you want to lend your SSH key to a host you ssh to (to ssh from the guest to somewhere else, git clone from github etc) - try the `-A` flag.
|
||||||
|
1. [SSH can act as a web proxy to fetch requests via your server](https://www.digitalocean.com/community/tutorials/how-to-route-web-traffic-securely-without-a-vpn-using-a-socks-tunnel) - quite handy as a quick and dirty vpn. Emphasis on quick n dirty - don't use this to replace a regular vpn.
|
||||||
|
1. SSH can act as a full fledged VPN (see `-w` flag)
|
||||||
|
1. [SSH can create a reverse shell](https://www.howtoforge.com/reverse-ssh-tunneling), useful if you want to expose a machine behind NAT outside.
|
Loading…
Reference in New Issue
Block a user