SSH Usage

July 2016 ยท 2 minute read

These are interesting usage of SSH:

Check this to know about type of keys and its security. Ed25519 is the recommended one.

Generate new keys

ssh-keygen -o -a 100 -t ed25519

public key

cat ~/.ssh/id_rsa.pub

Open a socks tunnel

ssh -D port server

Change browser proxy to socks and localhost as a server and enter the port

Login without password:

// In your Mac
$ cat ~/.ssh/id_rsa.pub
// copy your public key

// In your server
$ mkdir ~/.ssh
$ vi ~/.ssh/authorized_keys
// paste your public key here

Optional: change mode of authorized_keys

in CentOS you need to set the mode of the authorized_keys to 644

chmod 644 ~/.ssh/authorized_keys

In Ubuntu you don’t need to change the mode

set your usually username

To allow to change this

ssh username@server

to this:

ssh server

type this configuration

vi ~/.ssh/config:
User your_usually_username

Use ssh agent forwarding

If you are using VM always paste the public key of your host machine not your VM and in your host configure ssh to allow this type this configuration

This method is not the best practice. Because forward agent will copy your private key to the server. So use it when you need it just with -A flag instead of putting it in the config and always use it. This post shows the dangerous of using this.

vi ~/.ssh/config:
User your_usually_username
ForwardAgent yes

Add ssh-agent. On your machine(Mac) type:

ssh-add

Ensure ssh-agent is enabled. On your server type:

eval "$(ssh-agent -s)"

Multiplexing

mkdir ~/.ssh/cm_socket
vi ~/.ssh/config
ControlMaster auto
ControlPath ~/.ssh/cm_socket/%r@%h:%p

Port Forward

open port from remote to localhost

ssh -L 8080:localhost:8080 user@example.com

open port from localhost to remote

this will listen to loopback interface

ssh -R 8080:localhost:1313 user@example.com
  • 1313: is the localhost port
  • 8080: is the remote port

To make it access public through the remote, add GatewayPorts clientspecified in sshd_config then

ssh -R 0.0.0.0:8080:localhost:1313 user@example.com

Learn later

http://www.revsys.com/writings/quicktips/ssh-faster-connections.html http://www.symkat.com/ssh-tips-and-tricks-you-need

References: