SlideShare une entreprise Scribd logo

SSH Tunnel-Fu [NoVaH 2011]

Télécharger en tant que ODP, PDF
Vincent Batts
Vincent Batts

Fairfax, VA, USA

Technologie
1  sur  16
SSH tunnel-fu NoVAH! March 2011 Vincent Batts (vbatts)
Disclaimer ● Linux and console -centric ● Usage Info: that is all this is, nothing more NoVAH! SSH tunnel-fu - vbatts 2
Tidbit Info ● privileged ports are up to 1023 ● ports available are up to 65535 (sizeof an int) – per interface ;) NoVAH! SSH tunnel-fu - vbatts 3
Forwards ● Garden hose grappling hook ● Types – Local – Remote – Dynamic NoVAH! SSH tunnel-fu - vbatts 4
Forwards ● Garden hose grappling hook ● Types – Local - what you would like to be locally available, from a remote host – Remote - what you would like to be remotely available, from a remote host – Dynamic – application-level port forwarding NoVAH! SSH tunnel-fu - vbatts 5
Forwards ● Local – ssh flag: -L [bind_address:]port:host:hostport – ssh_config: LocalForward ● Remote – ssh flag: -R [bind_address:]port:host:hostport – ssh_config: RemoteForward ● Dynamic – ssh flag: -D [bind_address:]port – ssh_config: DynamicForward – Currently SOCKS4 and SOCKS5 proxy allowed NoVAH! SSH tunnel-fu - vbatts 6
Forwards ● Local – ssh flag: -L [bind_address:]port:host:hostport – ssh_config: LocalForward ● Remote – ssh flag: -R [bind_address:]port:host:hostport – ssh_config: RemoteForward ● Dynamic – ssh flag: -D [bind_address:]port – ssh_config: DynamicForward – Currently SOCKS4 and SOCKS5 proxy allowed NoVAH! SSH tunnel-fu - vbatts 7
Forwards ● Local – ssh flag: -L [bind_address:]port:host:hostport – ssh_config: LocalForward ● Remote – ssh flag: -R [bind_address:]port:host:hostport – ssh_config: RemoteForward ● Dynamic – ssh flag: -D [bind_address:]port – ssh_config: DynamicForward – Currently SOCKS4 and SOCKS5 proxy allowed NoVAH! SSH tunnel-fu - vbatts 8
Multiple Hops This logic allows for spindly implementations deez@nuts $> ssh -Nf -L 6001:next01.host:22 gateway.mysite.com deez@nuts $> ssh -Nf -L 6002:next02.host:22 -p 6001 localhost deez@nuts $> ssh -Nf -L 6003:next03.host:22 -p 6002 localhost ... NoVAH! SSH tunnel-fu - vbatts 9
In Session ~# List forwarded connections ~C Open command line. Primarily for -L, -R or -D and also -KR[bind_address:]port NoVAH! SSH tunnel-fu - vbatts 10
To loopback or not? ● the [bind_address] can be very handy ● default bind_address is 127.0.0.1 (localhost) ● ADVISORY: don't forget about your firewall configuration ● ADVISORY: privileged ports require root ● allows a local system to serve local traffic to a remote destination deez@lappy $> ssh -L0.0.0.0:3389:winderz.nuts.lan gateway.nuts.com NoVAH! SSH tunnel-fu - vbatts 11
VIPs/multiple loopbacks mostly Linux only ;) and requires a bit of root ● Use Case – Saved sessions, configured for a specific hostname and port ● ifconfig and /etc/hosts ● setup deez@nuts #> ifconfig lo:0 127.0.0.2 netmask 255.255.254.0 ● teardown deez@nuts #> ifconfig lo:0 down NoVAH! SSH tunnel-fu - vbatts 12
VIPs/multiple loopbacks ● /etc/hosts 127.0.0.2 host1.nuts.lan 127.0.0.3 host2.nuts.lan ● Forwards deez@nuts $> sudo ssh -l vbatts -L127.0.0.2:80:host1.nuts.lan:80 -L127.0.0.3:80:host2.nuts.lan:80 gateway.nuts.com NoVAH! SSH tunnel-fu - vbatts 13
Configurations ● man page for ssh_config(5) – ~/.ssh/config – any file, then use the -f <file> approach ● ExitOnForwardFailure – is nice when you have a host setup, only needing to ensure forwards land properly ● Host and HostName – convenient for saving a custom setup, in a profile for a host NoVAH! SSH tunnel-fu - vbatts 14
Proxying ● Privoxy deez@lappy $> ssh -L8118:localhost:8118 myhome.dyndns.org ● DNS Leakage :( – Frequent and common – [insert tor here] ● The Onion Router and helpers like torsocks allow anonymized, encrypted and DNS leak- safe traffic for a host of applications – https://www.torproject.org/ – http://torsocks.googlecode.com/ NoVAH! SSH tunnel-fu - vbatts 15
Links and such ● This talk – http://slackware.com/~vbatts/things/20110314-NoVAH-ssh_tunnel_fu-vbatts.odp ● PuTTY – http://www.chiark.greenend.org.uk/~sgtatham/putty/ ● Linux shell for windows – http://www.cygwin.com/ ● RTFM – http://www.linuxmanpages.com/ ● TOR – https://www.torproject.org/ – http://torsocks.googlecode.com/ NoVAH! SSH tunnel-fu - vbatts 16

Recommandé

Importance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devicesImportance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devices
Muhammad Moinur Rahman
 
Importance of SSHFP for Network Devices
Importance of SSHFP for Network DevicesImportance of SSHFP for Network Devices
Importance of SSHFP for Network Devices
APNIC
 
Building a network emulator with Docker and Open vSwitch
Building a network emulator with Docker and Open vSwitchBuilding a network emulator with Docker and Open vSwitch
Building a network emulator with Docker and Open vSwitch
Goran Cetusic
 
VirtualBox networking explained
VirtualBox networking explainedVirtualBox networking explained
VirtualBox networking explained
Maarten Smeets
 
DRAFT Internet and world wide web protocol ; pu t ty ; telnet ; wireshark
DRAFT Internet and world wide web protocol ; pu t ty ; telnet ; wiresharkDRAFT Internet and world wide web protocol ; pu t ty ; telnet ; wireshark
DRAFT Internet and world wide web protocol ; pu t ty ; telnet ; wireshark
meazza_15
 
FLOSS UK DEVOPS Spring 2015 Enhancing ssh config
FLOSS UK DEVOPS Spring 2015 Enhancing ssh configFLOSS UK DEVOPS Spring 2015 Enhancing ssh config
FLOSS UK DEVOPS Spring 2015 Enhancing ssh config
dmp1304
 
Deploy your own P2P network
Deploy your own P2P networkDeploy your own P2P network
Deploy your own P2P network
Dobrica Pavlinušić
 
SSH Tunneling Recipes
SSH Tunneling RecipesSSH Tunneling Recipes
SSH Tunneling Recipes
OSOCO
 

Recommandé

Importance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devicesImportance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devices
Muhammad Moinur Rahman
 
Importance of SSHFP for Network Devices
Importance of SSHFP for Network DevicesImportance of SSHFP for Network Devices
Importance of SSHFP for Network Devices
APNIC
 
Building a network emulator with Docker and Open vSwitch
Building a network emulator with Docker and Open vSwitchBuilding a network emulator with Docker and Open vSwitch
Building a network emulator with Docker and Open vSwitch
Goran Cetusic
 
VirtualBox networking explained
VirtualBox networking explainedVirtualBox networking explained
VirtualBox networking explained
Maarten Smeets
 
DRAFT Internet and world wide web protocol ; pu t ty ; telnet ; wireshark
DRAFT Internet and world wide web protocol ; pu t ty ; telnet ; wiresharkDRAFT Internet and world wide web protocol ; pu t ty ; telnet ; wireshark
DRAFT Internet and world wide web protocol ; pu t ty ; telnet ; wireshark
meazza_15
 
FLOSS UK DEVOPS Spring 2015 Enhancing ssh config
FLOSS UK DEVOPS Spring 2015 Enhancing ssh configFLOSS UK DEVOPS Spring 2015 Enhancing ssh config
FLOSS UK DEVOPS Spring 2015 Enhancing ssh config
dmp1304
 
Deploy your own P2P network
Deploy your own P2P networkDeploy your own P2P network
Deploy your own P2P network
Dobrica Pavlinušić
 
SSH Tunneling Recipes
SSH Tunneling RecipesSSH Tunneling Recipes
SSH Tunneling Recipes
OSOCO
 
Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking Explained
Thomas Graf
 
Bh usa-01-kaminsky
Bh usa-01-kaminskyBh usa-01-kaminsky
Bh usa-01-kaminsky
Dan Kaminsky
 
HTTP/2 and SSL/TLS state of art in ASF servers
HTTP/2 and SSL/TLS state of art in ASF serversHTTP/2 and SSL/TLS state of art in ASF servers
HTTP/2 and SSL/TLS state of art in ASF servers
Jean-Frederic Clere
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSH
Hemant Shah
 
OpenStack networking
OpenStack networkingOpenStack networking
OpenStack networking
Sim Janghoon
 
Linux Commands - Cheat Sheet
Linux Commands - Cheat Sheet Linux Commands - Cheat Sheet
Linux Commands - Cheat Sheet
Isham Rashik
 
OVS-NFV Tutorial
OVS-NFV TutorialOVS-NFV Tutorial
OVS-NFV Tutorial
Open Networking Perú (Opennetsoft)
 
IPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingIPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic Networking
Wido den Hollander
 
Demystifying MS17-010: Reverse Engineering the ETERNAL Exploits
Demystifying MS17-010: Reverse Engineering the ETERNAL ExploitsDemystifying MS17-010: Reverse Engineering the ETERNAL Exploits
Demystifying MS17-010: Reverse Engineering the ETERNAL Exploits
Priyanka Aash
 
OpenSSH tricks
OpenSSH tricksOpenSSH tricks
OpenSSH tricks
Assem CHELLI
 
Virtualized network with openvswitch
Virtualized network with openvswitchVirtualized network with openvswitch
Virtualized network with openvswitch
Sim Janghoon
 
Vigor 3910 docker firmware quick start
Vigor 3910 docker firmware quick startVigor 3910 docker firmware quick start
Vigor 3910 docker firmware quick start
Jimmy Tu
 
SSH Tunneling Recipes
SSH Tunneling RecipesSSH Tunneling Recipes
SSH Tunneling Recipes
Rafael Luque Leiva
 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Dive
rajdeep
 
Offloading TC Rules on OVS Internal Ports
Offloading TC Rules on OVS Internal Ports Offloading TC Rules on OVS Internal Ports
Offloading TC Rules on OVS Internal Ports
Netronome
 
Networking in linux
Networking in linuxNetworking in linux
Networking in linux
Varnnit Jain
 
Ssh
SshSsh
Ssh
gh02
 
Snort
SnortSnort
Snort
bala150985
 
Hacking the swisscom modem
Hacking the swisscom modemHacking the swisscom modem
Hacking the swisscom modem
Cyber Security Alliance
 
Docker Networking
Docker NetworkingDocker Networking
Docker Networking
Weaveworks
 
Presentation nix
Presentation nixPresentation nix
Presentation nix
fangjiafu
 
Presentation nix
Presentation nixPresentation nix
Presentation nix
fangjiafu
 

Contenu connexe

Tendances

Bh usa-01-kaminsky
Bh usa-01-kaminskyBh usa-01-kaminsky
Bh usa-01-kaminsky
Dan Kaminsky
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSH
Hemant Shah
 
OpenStack networking
OpenStack networkingOpenStack networking
OpenStack networking
Sim Janghoon
 
Demystifying MS17-010: Reverse Engineering the ETERNAL Exploits
Demystifying MS17-010: Reverse Engineering the ETERNAL ExploitsDemystifying MS17-010: Reverse Engineering the ETERNAL Exploits
Demystifying MS17-010: Reverse Engineering the ETERNAL Exploits
Priyanka Aash
 
Virtualized network with openvswitch
Virtualized network with openvswitchVirtualized network with openvswitch
Virtualized network with openvswitch
Sim Janghoon
 
Ssh
SshSsh
Ssh
gh02
 

Tendances (20)

Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking Explained
 
Bh usa-01-kaminsky
Bh usa-01-kaminskyBh usa-01-kaminsky
Bh usa-01-kaminsky
 
HTTP/2 and SSL/TLS state of art in ASF servers
HTTP/2 and SSL/TLS state of art in ASF serversHTTP/2 and SSL/TLS state of art in ASF servers
HTTP/2 and SSL/TLS state of art in ASF servers
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSH
 
OpenStack networking
OpenStack networkingOpenStack networking
OpenStack networking
 
Linux Commands - Cheat Sheet
Linux Commands - Cheat Sheet Linux Commands - Cheat Sheet
Linux Commands - Cheat Sheet
 
OVS-NFV Tutorial
OVS-NFV TutorialOVS-NFV Tutorial
OVS-NFV Tutorial
 
IPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingIPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic Networking
 
Demystifying MS17-010: Reverse Engineering the ETERNAL Exploits
Demystifying MS17-010: Reverse Engineering the ETERNAL ExploitsDemystifying MS17-010: Reverse Engineering the ETERNAL Exploits
Demystifying MS17-010: Reverse Engineering the ETERNAL Exploits
 
OpenSSH tricks
OpenSSH tricksOpenSSH tricks
OpenSSH tricks
 
Virtualized network with openvswitch
Virtualized network with openvswitchVirtualized network with openvswitch
Virtualized network with openvswitch
 
Vigor 3910 docker firmware quick start
Vigor 3910 docker firmware quick startVigor 3910 docker firmware quick start
Vigor 3910 docker firmware quick start
 
SSH Tunneling Recipes
SSH Tunneling RecipesSSH Tunneling Recipes
SSH Tunneling Recipes
 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Dive
 
Offloading TC Rules on OVS Internal Ports
Offloading TC Rules on OVS Internal Ports Offloading TC Rules on OVS Internal Ports
Offloading TC Rules on OVS Internal Ports
 
Networking in linux
Networking in linuxNetworking in linux
Networking in linux
 
Ssh
SshSsh
Ssh
 
Snort
SnortSnort
Snort
 
Hacking the swisscom modem
Hacking the swisscom modemHacking the swisscom modem
Hacking the swisscom modem
 
Docker Networking
Docker NetworkingDocker Networking
Docker Networking
 

Similaire à SSH Tunnel-Fu [NoVaH 2011]

Presentation nix
Presentation nixPresentation nix
Presentation nix
fangjiafu
 
Presentation nix
Presentation nixPresentation nix
Presentation nix
fangjiafu
 
Adhocr T-dose 2012
Adhocr T-dose 2012Adhocr T-dose 2012
Adhocr T-dose 2012
Gratien D'haese
 
Unit 13 network client
Unit 13 network clientUnit 13 network client
Unit 13 network client
root_fibo
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode
Akihiro Suda
 
0507 057 01 98 * Adana Klima Servisleri
0507 057 01 98 * Adana Klima Servisleri0507 057 01 98 * Adana Klima Servisleri
0507 057 01 98 * Adana Klima Servisleri
Adana Klima Servisi Bakım Montaj Taşıma Temizlik Tamir Arıza Teknik Servisleri
 

Similaire à SSH Tunnel-Fu [NoVaH 2011] (20)

Presentation nix
Presentation nixPresentation nix
Presentation nix
 
Presentation nix
Presentation nixPresentation nix
Presentation nix
 
Using Secure Shell on Linux: What Everyone Should Know
Using Secure Shell on Linux: What Everyone Should KnowUsing Secure Shell on Linux: What Everyone Should Know
Using Secure Shell on Linux: What Everyone Should Know
 
WP-CLI Workshop at WordPress Meetup Cluj-Napoca
WP-CLI Workshop at WordPress Meetup Cluj-NapocaWP-CLI Workshop at WordPress Meetup Cluj-Napoca
WP-CLI Workshop at WordPress Meetup Cluj-Napoca
 
SSH Tunneling
SSH TunnelingSSH Tunneling
SSH Tunneling
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commands
 
FUSE Filesystems
FUSE FilesystemsFUSE Filesystems
FUSE Filesystems
 
Adhocr T-dose 2012
Adhocr T-dose 2012Adhocr T-dose 2012
Adhocr T-dose 2012
 
FreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverFreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 server
 
Pushing a camel through the eye of a needle
Pushing a camel through the eye of a needlePushing a camel through the eye of a needle
Pushing a camel through the eye of a needle
 
HAProxy scale out using open source
HAProxy scale out using open sourceHAProxy scale out using open source
HAProxy scale out using open source
 
Unit 13 network client
Unit 13 network clientUnit 13 network client
Unit 13 network client
 
Don't Get Hacked on Hostile WiFi
Don't Get Hacked on Hostile WiFiDon't Get Hacked on Hostile WiFi
Don't Get Hacked on Hostile WiFi
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode
 
DCSF19 Hardening Docker daemon with Rootless mode
DCSF19 Hardening Docker daemon with Rootless modeDCSF19 Hardening Docker daemon with Rootless mode
DCSF19 Hardening Docker daemon with Rootless mode
 
Pound Varnish
Pound VarnishPound Varnish
Pound Varnish
 
Big Data in Container; Hadoop Spark in Docker and Mesos
Big Data in Container; Hadoop Spark in Docker and MesosBig Data in Container; Hadoop Spark in Docker and Mesos
Big Data in Container; Hadoop Spark in Docker and Mesos
 
Sshstuff
SshstuffSshstuff
Sshstuff
 
0507 057 01 98 * Adana Klima Servisleri
0507 057 01 98 * Adana Klima Servisleri0507 057 01 98 * Adana Klima Servisleri
0507 057 01 98 * Adana Klima Servisleri
 
Shall we play a game
Shall we play a gameShall we play a game
Shall we play a game
 

Dernier

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Dernier (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 

SSH Tunnel-Fu [NoVaH 2011]

  • 1. SSH tunnel-fu NoVAH! March 2011 Vincent Batts (vbatts)
  • 2. Disclaimer ● Linux and console -centric ● Usage Info: that is all this is, nothing more NoVAH! SSH tunnel-fu - vbatts 2
  • 3. Tidbit Info ● privileged ports are up to 1023 ● ports available are up to 65535 (sizeof an int) – per interface ;) NoVAH! SSH tunnel-fu - vbatts 3
  • 4. Forwards ● Garden hose grappling hook ● Types – Local – Remote – Dynamic NoVAH! SSH tunnel-fu - vbatts 4
  • 5. Forwards ● Garden hose grappling hook ● Types – Local - what you would like to be locally available, from a remote host – Remote - what you would like to be remotely available, from a remote host – Dynamic – application-level port forwarding NoVAH! SSH tunnel-fu - vbatts 5
  • 6. Forwards ● Local – ssh flag: -L [bind_address:]port:host:hostport – ssh_config: LocalForward ● Remote – ssh flag: -R [bind_address:]port:host:hostport – ssh_config: RemoteForward ● Dynamic – ssh flag: -D [bind_address:]port – ssh_config: DynamicForward – Currently SOCKS4 and SOCKS5 proxy allowed NoVAH! SSH tunnel-fu - vbatts 6
  • 7. Forwards ● Local – ssh flag: -L [bind_address:]port:host:hostport – ssh_config: LocalForward ● Remote – ssh flag: -R [bind_address:]port:host:hostport – ssh_config: RemoteForward ● Dynamic – ssh flag: -D [bind_address:]port – ssh_config: DynamicForward – Currently SOCKS4 and SOCKS5 proxy allowed NoVAH! SSH tunnel-fu - vbatts 7
  • 8. Forwards ● Local – ssh flag: -L [bind_address:]port:host:hostport – ssh_config: LocalForward ● Remote – ssh flag: -R [bind_address:]port:host:hostport – ssh_config: RemoteForward ● Dynamic – ssh flag: -D [bind_address:]port – ssh_config: DynamicForward – Currently SOCKS4 and SOCKS5 proxy allowed NoVAH! SSH tunnel-fu - vbatts 8
  • 9. Multiple Hops This logic allows for spindly implementations deez@nuts $> ssh -Nf -L 6001:next01.host:22 gateway.mysite.com deez@nuts $> ssh -Nf -L 6002:next02.host:22 -p 6001 localhost deez@nuts $> ssh -Nf -L 6003:next03.host:22 -p 6002 localhost ... NoVAH! SSH tunnel-fu - vbatts 9
  • 10. In Session ~# List forwarded connections ~C Open command line. Primarily for -L, -R or -D and also -KR[bind_address:]port NoVAH! SSH tunnel-fu - vbatts 10
  • 11. To loopback or not? ● the [bind_address] can be very handy ● default bind_address is 127.0.0.1 (localhost) ● ADVISORY: don't forget about your firewall configuration ● ADVISORY: privileged ports require root ● allows a local system to serve local traffic to a remote destination deez@lappy $> ssh -L0.0.0.0:3389:winderz.nuts.lan gateway.nuts.com NoVAH! SSH tunnel-fu - vbatts 11
  • 12. VIPs/multiple loopbacks mostly Linux only ;) and requires a bit of root ● Use Case – Saved sessions, configured for a specific hostname and port ● ifconfig and /etc/hosts ● setup deez@nuts #> ifconfig lo:0 127.0.0.2 netmask 255.255.254.0 ● teardown deez@nuts #> ifconfig lo:0 down NoVAH! SSH tunnel-fu - vbatts 12
  • 13. VIPs/multiple loopbacks ● /etc/hosts 127.0.0.2 host1.nuts.lan 127.0.0.3 host2.nuts.lan ● Forwards deez@nuts $> sudo ssh -l vbatts -L127.0.0.2:80:host1.nuts.lan:80 -L127.0.0.3:80:host2.nuts.lan:80 gateway.nuts.com NoVAH! SSH tunnel-fu - vbatts 13
  • 14. Configurations ● man page for ssh_config(5) – ~/.ssh/config – any file, then use the -f <file> approach ● ExitOnForwardFailure – is nice when you have a host setup, only needing to ensure forwards land properly ● Host and HostName – convenient for saving a custom setup, in a profile for a host NoVAH! SSH tunnel-fu - vbatts 14
  • 15. Proxying ● Privoxy deez@lappy $> ssh -L8118:localhost:8118 myhome.dyndns.org ● DNS Leakage :( – Frequent and common – [insert tor here] ● The Onion Router and helpers like torsocks allow anonymized, encrypted and DNS leak- safe traffic for a host of applications – https://www.torproject.org/ – http://torsocks.googlecode.com/ NoVAH! SSH tunnel-fu - vbatts 15
  • 16. Links and such ● This talk – http://slackware.com/~vbatts/things/20110314-NoVAH-ssh_tunnel_fu-vbatts.odp ● PuTTY – http://www.chiark.greenend.org.uk/~sgtatham/putty/ ● Linux shell for windows – http://www.cygwin.com/ ● RTFM – http://www.linuxmanpages.com/ ● TOR – https://www.torproject.org/ – http://torsocks.googlecode.com/ NoVAH! SSH tunnel-fu - vbatts 16