(3 intermediate revisions by the same user not shown) | |||
Line 49: | Line 49: | ||
[https://superuser.com/questions/588591/how-to-make-a-ssh-tunnel-publicly-accessible/591963#591963 make ssh tunnel publicly accessible] Warning: if you set GatewayPorts to yes this will make sshd bind your forwardings to any interface - regardless of the client configuration (-R, etc.). This can become quite a security issue if the client assumes he has limited his forwardings to f.e. localhost. Therefore, setting GatewayPorts to clientspecified is usually what you want. |
[https://superuser.com/questions/588591/how-to-make-a-ssh-tunnel-publicly-accessible/591963#591963 make ssh tunnel publicly accessible] Warning: if you set GatewayPorts to yes this will make sshd bind your forwardings to any interface - regardless of the client configuration (-R, etc.). This can become quite a security issue if the client assumes he has limited his forwardings to f.e. localhost. Therefore, setting GatewayPorts to clientspecified is usually what you want. |
||
− | |||
Here's my answer for completion: |
Here's my answer for completion: |
||
+ | <pre> |
||
− | |||
− | I ended up using ssh -R ... for tunneling, and using socat on top of |
+ | I ended up using ssh -R ... for tunneling, and using socat on top of |
+ | that for redirecting network traffic to 127.0.0.1: |
||
− | |||
tunnel binded to 127.0.0.1: |
tunnel binded to 127.0.0.1: |
||
− | + | ssh -R mitm:9999:<my.ip>:8084 me@mitm |
|
⚫ | |||
− | |||
⚫ | |||
− | socat: |
||
+ | find this much slower |
||
⚫ | |||
⚫ | |||
− | |||
+ | </pre> |
||
⚫ | |||
⚫ | |||
=== ssh keys === |
=== ssh keys === |
||
Line 97: | Line 95: | ||
https://www.youtube.com/watch?v=EjARnLxSqOg metasploit https://github.com/rapid7/metasploit-framework create reverse shell. |
https://www.youtube.com/watch?v=EjARnLxSqOg metasploit https://github.com/rapid7/metasploit-framework create reverse shell. |
||
− | === SSH connection === |
||
− | {{{ |
||
− | |||
− | We have a gateway node with 2mb 1:1, this node (gateway1) seams to be |
||
− | acting up! the ssh commands are very slow at times sometimes never |
||
− | conecting,(this via a public address) if I try running a leechtest, the node reports |
||
− | slow speeds at times. |
||
− | |||
− | If I ssh via another gateway (gateway2) and connect to a repeater node |
||
− | between the two gateways and run a leechtest I get full speed (yes the |
||
− | repeater is fixed/locked to gateway1) gateway2 is only strong enough to |
||
− | ssh by, and not provide BW. |
||
− | |||
− | Gateway node 1 is a LW box Via mini atx etc, temp is always under 20c |
||
− | so I don't think the fans are packing up, and this slowness can happen even |
||
− | when there is very little usage. |
||
− | |||
− | ================================= |
||
− | web browser via ssh |
||
− | |||
− | ssh -L 80:192.168.1.254:81 1.2.3.4 |
||
− | Which will allow you to access the web server of 192.168.1.254 via an |
||
− | ssh tunnel to 1.2.3.4 (which can presumably access 192.168.1.254 |
||
− | directly). You access the server by pointing your browser to |
||
− | http://127.0.0.1:81 |
||
− | ============================== |
||
− | WEBBROWSER VIA SSH |
||
− | |||
− | OK, this is what I need to do. |
||
− | I'm testing wtr54gs, and would like to have remote access to them via |
||
− | the mesh box. I have two mesh networks over 80 square miles. I can vpn to the main gateway nodes and access clients of the back of the GW's, but I can not VPN to the Host mapped address's of the repeater |
||
− | nodes from ether host mapped LAN address or WAN address, the host mapped address |
||
− | work fine for ssh. |
||
− | |||
− | ====================== |
||
− | |||
− | vpn directly to a wireles node wont work past the gateway unless you nuse the qorvus code because then standard locustworld code blocks gre 47 pptp traffic past the gateway. But you shouldnt need hsotmap if yu just remotly vpn into gateway and then surf to the 1. address for the wireles nodes, |
||
− | or maybe i dont understand what yoiur trying to do? |
||
− | ========================================== |
||
− | web browser via ssh |
||
− | Great Tim, that works for local connections but I can not get it to |
||
− | work over host mapped routes. vpn is the way to do this. set up your gateway to act aas vpn host th |
||
− | you can surf tothe 1.1.1.1 addresses behinf the gateway. thisis how e |
||
− | manage our qorvus boxes remotely. |
||
− | |||
− | ================================== |
||
− | WEB BROWSER VIA SSH |
||
− | Great Tim, that works for local connections but I can not get it to |
||
− | work over host mapped routes. |
||
− | ANSW: |
||
− | vpn is the way to do this. set up your gateway to act aas vpn host th |
||
− | you can surf tothe 1.1.1.1 addresses behinf the gateway. thisis how e |
||
− | manage our qorvus boxes remotely. |
||
− | ============== |
||
− | Ques: |
||
− | This may work fine with a linux desktop but wouldn't work with a |
||
− | windows machine running putty, no socket betwee the browser and the |
||
− | putty seesion |
||
− | |||
− | Answ: |
||
− | However, since everyone (presumably) has access to a meshbox, you |
||
− | could set the tunnel up on your local meshbox, and then connect to |
||
− | the relevant port on your local meshbox which will forward it through |
||
− | to the remote meshbox. You can run tunnels within tunnels if you need |
||
− | to. |
||
− | =========== |
||
− | }}} |
||
− | |||
− | |||
− | |||
− | |||
− | === SSH into box behind router === |
||
− | {{{ |
||
− | |||
− | I have a static ip on a dsl line and I just forward port 22 to my |
||
− | gateway node. Then you fire up putty or a Linux box, put in the static ip and |
||
− | you ssh right into the gateway node. Then you can ssh into any node on your |
||
− | network or you can setup ssh tunneling on your original connection. If |
||
− | you want a little more security you can pick some way out port number and |
||
− | forward it to port 22 on you first node and get the same results. This |
||
− | all can be done from a dynamic IP also but you have the pain of keeping up |
||
− | with IP changes. |
||
− | |||
− | > Most DSL routers have the ability to setup a DMZ address. Assign |
||
− | your |
||
− | > gateway box a static private IP (10.x.x.x) and set that as your DMZ |
||
− | > address. Then use your public IP provided by your DSL provider to |
||
− | > access it. This become difficult to do if your public address isn't |
||
− | > static. This is also a danger because it open that IP to the world |
||
− | with |
||
− | > little or no firewall protection. If you must, it is advisable to do |
||
− | it |
||
− | > by port mapping and not leave all ports open on it. Read your router |
||
− | > manual for more information. The topics of DMZ and port mapping will |
||
− | > guide you. |
||
− | > |
||
− | > Your mileage may vary by manufacturer both in functionality and |
||
− | quality. |
||
− | > |
||
− | > Ertan Atay wrote: |
||
− | > |
||
− | > >Hi everybody, |
||
− | > > |
||
− | > >How can I ssh into my gateway box from internet which is connected |
||
− | thru |
||
− | an |
||
− | > >ADSL router? Router hands out 10.x.x.x IP to the gateway. If I can |
||
− | do it, |
||
− | > >hopefully I will be able to wormhole two networks, too. |
||
− | > > |
||
− | > >Some says I need to port mapping but wiana is not very helpful on |
||
− | this |
||
− | for |
||
− | > >someone who is not an expert. |
||
− | |||
− | > Most DSL routers have the ability to setup a DMZ address. Assign |
||
− | your |
||
− | > gateway box a static private IP (10.x.x.x) and set that as your DMZ |
||
− | > address. Then use your public IP provided by your DSL provider to |
||
− | > access it. This become difficult to do if your public address isn't |
||
− | > static. This is also a danger because it open that IP to the world |
||
− | > with little or no firewall protection. |
||
− | |||
− | FWIW, add this to your sshd_config: |
||
− | |||
− | AllowUsers yourname@1.2.3.4 |
||
− | |||
− | For each place/user you will be connecting from/as. |
||
− | }}} |
||
=== SSH === |
=== SSH === |
Revision as of 14:52, 25 February 2021
Reverse port forwarding
https://www.howtoforge.com/reverse-ssh-tunneling and http://cb.vu/unixtoolbox.xhtml
Ssh into another pc via a VPS from a client pc behind a NAT or router where the ports are blocked. The idea is for the target pc to create a SSH tunnel to either a server or directly to the client pc. Because we don't wish to expose the client pc's ports to the world a server is used as an intermediary. From the client pc we are finally able to create a ssh session back to the target through this tunnel. Reverse SSH from the Target PC to the middleman: ssh -R {PortOnMiddlePC}:localhost:{PortOnTargetPC} {UserOnMiddlePC}@{IPofMiddlePC} ssh -R 19999:localhost:22 middleman@188.88.88.88 ssh -R remoteport:localport middleman@188.88.88.88 forward whatever connects to the remote host:port on the middleman pc back to the localhost:port from which the ssh -R command is executed(target pc in the context of this example). If you were physically on the server you would ssh to the target pc via the tunnel created by the targetpc with ssh targetusername@localhost -p 19999 |
But because you're not on the middelman pc you have to pull down port 19999 from it: ssh -L {PortOnClientPC}:localhost:{PortOnMiddlePC} {UserOnMiddlePC}@{IPofMiddlePC} ssh -L 19999:localhost:19999 middleman@188.88.88.88 ssh -L localport:remoteport middleman@188.88.88.88 Forward whatever connects to the localhost:port on client pc to the localhost:port on the middleman pc. |
ssh the Target PC from the Client PC in another terminal: ssh target@localhost -p {PortForwardedFromTargetPC} ssh targetusername@localhost -p 19999 |
Using ssh localhost -p 19999 instead will attempt to login as client pc user, instead of as the user on the target pc. /var/log/auth.log flagged that I attempted to login as the wrong user. In other words what we attempted to do on the server pc with ssh targetusername@localhost -p 19999 is now executed on the client pc via local port forwarding from the client pc.
Enable GateWayPorts in the sshd_config file under /etc/ssh on the target pc. The client pc doesn't need sshd_config enabled. As an additional security measure use the -x flag (ssh -x target@localhost -p 19999) if you don't wish to run a X11 session, preventing the target pc from attacking the client pc. Use (ssh -X target@localhost -p 19999) for X11 session.
|
gatewayports
https://github.com/sumup-oss/gocat socat alternative
make ssh tunnel publicly accessible Warning: if you set GatewayPorts to yes this will make sshd bind your forwardings to any interface - regardless of the client configuration (-R, etc.). This can become quite a security issue if the client assumes he has limited his forwardings to f.e. localhost. Therefore, setting GatewayPorts to clientspecified is usually what you want.
Here's my answer for completion:
I ended up using ssh -R ... for tunneling, and using socat on top of that for redirecting network traffic to 127.0.0.1: tunnel binded to 127.0.0.1: ssh -R mitm:9999:<my.ip>:8084 me@mitm socat TCP-LISTEN:9090,fork TCP:127.0.0.1:9999 Other option is to do a local-only tunnel on top of that, but i find this much slower ssh -L<mitm.ip.address>:9090:localhost:9999 localhost
ssh keys
create private public keys https://medium.com/risan/upgrade-your-ssh-key-to-ed25519-c6e8d60d3c54
ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com" Only a quantum mechanics type source of indeterminacy(not randomness, which doesn't exist) enables a enough entropy(nobody knows what this word means) seed. Your computer's random number generator isn't connected to a Geiger counter measuring radioactive decay(source of quantum indeterminacy), hence no entropy. All those garbled numbers in your private and public keys only seem garbled, they are actually an easily cracked pattern. If you do use a Geiger counter, the minix operating system on which all OS install will flag you as a high value target back to CIA headquarters. In this numberphile video, the mathematician was unable to define what randomness is because it doesn't exist. He flails around , using analogous reasoning but of course you can't solve problem you can't even define which is why for example https://en.wikipedia.org/wiki/Theory_of_Evolution redirects to https://en.wikipedia.org/wiki/Evolution: there is no such thing as a theory of evolution because nobody knows what is the Lagrangian that maps polypeptide space into frog space. If pigs had wheels mounted on ball bearings instead of trotters, on what scale of porcine fitness would they be?
https://en.wikipedia.org/wiki/Evolution...Evolution is change in the heritable characteristics of biological populations over successive generations...
If Wikipedia had written: Evolution is change in the heritable characteristics of biological populations over successive generations as the Lagrangian maps the quantum entangled DNA super computed calculations from polypeptide dinosaur space into chicken space... then at least the statement would enter the domain of Popper falsifiability but not though escape Agrippian circularity.
notes
https://www.ettercap-project.org/
https://raymii.org/s/tutorials/Limit_access_to_openssh_features_with_the_Match_keyword.html
https://bugzilla.mindrot.org/show_bug.cgi?id=match
https://bbs.archlinux.org/viewtopic.php?id=121945
https://www.linuxquestions.org/questions/linux-security-4/ssh-deny-all-users-except-one-277288/ allow deny
https://github.com/g0tmi1k/debian-ssh
http://web.archive.org/web/20110723091928/http://digitaloffense.net/tools/debian-openssl
https://security.stackexchange.com/questions/127346/ssh-keygen-how-is-the-seed-generated
https://github.com/openssh/openssh-portable/blob/master/sshkey.c#L1652 static int ecdsa_generate_private_key(u_int bits, int *nid, EC_KEY **ecdsap)
https://www.youtube.com/watch?v=EjARnLxSqOg metasploit https://github.com/rapid7/metasploit-framework create reverse shell.
SSH
- http://16s.us/OpenBSD/acls.txt ssh secure shell from home to work computer
- http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1 command descripts
- http://16s.us/OpenBSD/
- http://www.thegeekstuff.com/2010/12/50-unix-linux-sysadmin-tutorials/
ssh
http://www.revsys.com/writings/quicktips/ssh-tunnel.html
links
MeshNetworking main page documenting the locustworld.com mesh networking technology.