SSH tunnel-fu

NoVAH! March 2011

Vincent Batts (vbatts)
Disclaimer
●   Linux- and console-centric
●   Usage info: that is all this is, nothing more

                   NoVAH! SSH tunnel-fu - vbatts    2
Tidbit Info
●   privileged ports are up to 1023
●   ports available are up to 65535 (sizeof an int)
        –   per interface ;)

Forwards
●   Garden hose grappling hook
●   Types
       –   Local
       –   Remote
       –   Dynamic

Forwards
●   Garden hose grappling hook
●   Types
       –   Local - what you would like to be locally available, from a remote host
       –   Remote - what you would like to be available on the remote host, served from your side
       –   Dynamic - application-level port forwarding (ssh acts as a SOCKS proxy)

Forwards
●   Local
       –    ssh flag: -L [bind_address:]port:host:hostport
       –    ssh_config: LocalForward
●   Remote
       –    ssh flag: -R [bind_address:]port:host:hostport
       –    ssh_config: RemoteForward
●   Dynamic
       –    ssh flag: -D [bind_address:]port
       –    ssh_config: DynamicForward
       –    Currently the SOCKS4 and SOCKS5 protocols are supported

Multiple Hops
This logic allows for spindly implementations: each hop's sshd is reached through the previous hop's local forward

deez@nuts $> ssh -Nf -L 6001:next01.host:22 gateway.mysite.com
deez@nuts $> ssh -Nf -L 6002:next02.host:22 -p 6001 localhost
deez@nuts $> ssh -Nf -L 6003:next03.host:22 -p 6002 localhost
...

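The chaining above, generalised to any number of hops. This is an added example, not code from the talk: hop_chain takes a base port, the gateway and the hop names, and prints one ssh command per hop without executing anything, so the chain can be reviewed and then piped to sh. The host names are constructed, sshd is assumed to listen on port 22 on every hop, and two options the slide does not use are added: ExitOnForwardFailure (so a hop whose forward could not be set up does not background itself) and HostKeyAlias (so the host key of each hop reached as "localhost" is stored and checked under the hop's real name rather than under [localhost]:port).

```shell
#!/bin/sh
# Added example, not part of the talk: the "Multiple Hops" chaining generalised to
# any number of hops. hop_chain BASEPORT GATEWAY HOP1 [HOP2 ...] prints one ssh
# command per hop and executes nothing, so the chain can be reviewed before it is
# piped to sh. Host names are constructed; sshd is assumed to listen on 22 everywhere.
hop_chain() {
    base=$1; via=$2; shift 2
    n=0; prev=
    for hop in "$@"; do
        n=$((n + 1))
        port=$((base + n))
        if [ "$n" -eq 1 ]; then
            # First hop: a normal connection to the gateway, forwarding local
            # BASEPORT+1 to HOP1:22. ExitOnForwardFailure makes ssh refuse to
            # background itself if the forward could not be set up.
            printf 'ssh -Nf -o ExitOnForwardFailure=yes -L %s:%s:22 %s\n' \
                "$port" "$hop" "$via"
        else
            # Later hops: connect to localhost on the previous port, which lands on
            # the previous hop's sshd. HostKeyAlias stores and checks that hop's host
            # key under its real name instead of [localhost]:port, so a different
            # machine showing up behind the same local port later is still detected.
            printf 'ssh -Nf -o ExitOnForwardFailure=yes -o HostKeyAlias=%s -L %s:%s:22 -p %s localhost\n' \
                "$prev" "$port" "$hop" "$((port - 1))"
        fi
        prev=$hop
    done
}

# Dry run for the three hops on the slide; pipe it to sh to bring the chain up:
#   hop_chain 6000 gateway.mysite.com next01.host next02.host next03.host | sh
hop_chain 6000 gateway.mysite.com next01.host next02.host next03.host
```

Once the chain is up, the last hop is reached with ssh -o HostKeyAlias=next03.host -p 6003 localhost, which is what makes the alias worth carrying: without it, every hop's key lives in known_hosts under a localhost:port name that says nothing about which machine it belongs to.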
In Session (ssh escape sequences, typed at the start of a line)

~#   List forwarded connections

~C   Open command line. Primarily for -L, -R or -D and also
       -KR[bind_address:]port (cancel a remote forward)

To loopback or not?
●   the [bind_address] can be very handy
●   default bind_address is 127.0.0.1 (localhost)
●   ADVISORY: don't forget about your firewall configuration
●   ADVISORY: privileged ports require root
●   a non-loopback bind_address lets other hosts on your local network use the forward to reach the remote destination
    deez@lappy $> ssh -L0.0.0.0:3389:winderz.nuts.lan:3389 gateway.nuts.com

VIPs/multiple loopbacks
    mostly Linux only ;) and requires a bit of root
●   Use Case
         –   Saved sessions, configured for a specific hostname and port
●   ifconfig and /etc/hosts
●   setup
    deez@nuts #> ifconfig lo:0 127.0.0.2 netmask 255.255.254.0
●   teardown
    deez@nuts #> ifconfig lo:0 down

VIPs/multiple loopbacks
●   /etc/hosts
           127.0.0.2               host1.nuts.lan
           127.0.0.3               host2.nuts.lan
●   Forwards (sudo because port 80 is privileged; -l keeps the remote login as vbatts, but note that ssh under sudo reads root's ~/.ssh, not yours)
    deez@nuts $> sudo ssh -l vbatts \
           -L127.0.0.2:80:host1.nuts.lan:80 \
           -L127.0.0.3:80:host2.nuts.lan:80 \
           gateway.nuts.com

Configurations
●   man page for ssh_config(5)
       –   ~/.ssh/config
       –   any file, then use the -F <file> approach
●   ExitOnForwardFailure
       –   is nice when you have a host setup, only needing to ensure forwards land properly
●   Host and HostName
       –   convenient for saving a custom setup, in a profile for a host

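A saved profile of the kind this slide describes, together with a check for the two advisories on the "To loopback or not?" slide. This is an added example, not part of the talk: the script writes a constructed ssh_config (Host/HostName profiles with LocalForward, DynamicForward and ExitOnForwardFailure) to a temporary path, then audits every forward's listen spec, flagging ports up to 1023 (root needed) and any bind_address other than loopback (the listener is reachable from other hosts). All host names, ports and the config path are made up for the example; the GatewayPorts option, which changes what an omitted bind_address means, is deliberately not modelled.

```shell
#!/bin/sh
# Added example, not part of the talk: a saved ssh_config profile of the kind the
# "Configurations" slide describes, plus a small audit of every forward in it against
# the advisories on the "To loopback or not?" slide (privileged ports need root;
# a non-loopback bind_address exposes the listener to other hosts).
# Every host name, port and path below is constructed for the example.

CONFIG="${TMPDIR:-/tmp}/ssh_config_audit_example.$$"

cat > "$CONFIG" <<'EOF'
# constructed ssh_config: Host is the alias you type, HostName the real target
Host gw
    HostName gateway.nuts.com
    User vbatts
    ExitOnForwardFailure yes
    LocalForward 8118 localhost:8118
    LocalForward 0.0.0.0:3389 winderz.nuts.lan:3389
    LocalForward *:8080 intranet.nuts.lan:80
    DynamicForward 1080

Host web
    HostName gateway.nuts.com
    User vbatts
    LocalForward 127.0.0.2:80 host1.nuts.lan:80
EOF

# Print "alias directive listen target" for each LocalForward/RemoteForward/
# DynamicForward line, remembering which Host block it belongs to.
list_forwards() {
    awk '
        tolower($1) == "host"                          { host = $2; next }
        tolower($1) ~ /^(localforward|remoteforward)$/ { print host, $1, $2, $3 }
        tolower($1) == "dynamicforward"                { print host, $1, $2, "-" }
    ' "$CONFIG"
}

# Classify a listen spec of the form [bind_address:]port.
# Echoes "ok", "invalid-port", or a comma-separated list of "privileged" and "exposed".
# An omitted bind_address means 127.0.0.1 unless GatewayPorts is set (not modelled here).
classify_listen() {
    spec=$1
    case $spec in
        *:*) bind=${spec%:*}; port=${spec##*:} ;;
        *)   bind=127.0.0.1;  port=$spec ;;
    esac
    case $port in
        ''|*[!0-9]*) echo invalid-port; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo invalid-port; return 1
    fi
    findings=
    if [ "$port" -le 1023 ]; then findings=privileged; fi
    case $bind in
        127.*|localhost|::1|'[::1]') ;;
        *) findings="${findings:+$findings,}exposed" ;;
    esac
    echo "${findings:-ok}"
}

# One line per forward: alias, directive, listen spec, verdict.
audit_config() {
    list_forwards | while read -r host directive listen target; do
        printf '%s %s %s %s\n' "$host" "$directive" "$listen" "$(classify_listen "$listen")"
    done
}

# Number of forwards whose verdict is anything other than "ok".
finding_count() {
    audit_config | awk '$4 != "ok"' | wc -l | tr -d ' '
}

audit_config
```

Run as is, the audit flags three of the five forwards: the 0.0.0.0 and * binds as exposed, and the 127.0.0.2:80 bind as privileged (which is why the slide before this one runs ssh under sudo). Pointing CONFIG at a real ~/.ssh/config turns it into a quick review of which saved profiles open listeners beyond loopback.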
Proxying
●   Privoxy
    deez@lappy $> ssh -L8118:localhost:8118 myhome.dyndns.org
●   DNS Leakage :(
         –   Frequent and common: applications that resolve names locally instead of through the SOCKS proxy send their DNS queries outside the tunnel
         –   [insert tor here]
                  ●   The Onion Router and helpers like torsocks allow anonymized, encrypted and DNS leak-safe traffic for a host of applications
                          –   https://www.torproject.org/
                          –   http://torsocks.googlecode.com/

Links and such
●   This talk
            –   http://slackware.com/~vbatts/things/20110314-NoVAH-ssh_tunnel_fu-vbatts.odp
●   PuTTY
            –   http://www.chiark.greenend.org.uk/~sgtatham/putty/
●   Linux shell for Windows
            –   http://www.cygwin.com/
●   RTFM
            –   http://www.linuxmanpages.com/
●   Tor
            –   https://www.torproject.org/
            –   http://torsocks.googlecode.com/
