SlideShare una empresa de Scribd logo
1 de 16
SSH tunnel-fu




NoVAH! March 2011

Vincent Batts (vbatts)
Disclaimer
●   Linux and console -centric
●   Usage Info: that is all this is, nothing more




                   NoVAH! SSH tunnel-fu - vbatts    2
Tidbit Info
●   privileged ports are up to 1023
●   ports available are up to 65535 (sizeof an int)
        –   per interface ;)




                      NoVAH! SSH tunnel-fu - vbatts   3
Forwards
●   Garden hose grappling hook
●   Types
       –   Local
       –   Remote
       –   Dynamic




                     NoVAH! SSH tunnel-fu - vbatts   4
Forwards
●   Garden hose grappling hook
●   Types
       –   Local - what you would like to be locally
            available, from a remote host
       –   Remote - what you would like to be remotely
            available, from a remote host
       –   Dynamic – application-level port forwarding




                     NoVAH! SSH tunnel-fu - vbatts       5
Forwards
●   Local
       –    ssh flag: -L [bind_address:]port:host:hostport
       –    ssh_config: LocalForward
●   Remote
       –    ssh flag: -R [bind_address:]port:host:hostport
       –    ssh_config: RemoteForward
●   Dynamic
       –    ssh flag: -D [bind_address:]port
       –    ssh_config: DynamicForward
       –    Currently SOCKS4 and SOCKS5 proxy allowed
                       NoVAH! SSH tunnel-fu - vbatts         6
Forwards
●   Local
       –    ssh flag: -L [bind_address:]port:host:hostport
       –    ssh_config: LocalForward
●   Remote
       –    ssh flag: -R [bind_address:]port:host:hostport
       –    ssh_config: RemoteForward
●   Dynamic
       –    ssh flag: -D [bind_address:]port
       –    ssh_config: DynamicForward
       –    Currently SOCKS4 and SOCKS5 proxy allowed
                       NoVAH! SSH tunnel-fu - vbatts         7
Forwards
●   Local
       –    ssh flag: -L [bind_address:]port:host:hostport
       –    ssh_config: LocalForward
●   Remote
       –    ssh flag: -R [bind_address:]port:host:hostport
       –    ssh_config: RemoteForward
●   Dynamic
       –    ssh flag: -D [bind_address:]port
       –    ssh_config: DynamicForward
       –    Currently SOCKS4 and SOCKS5 proxy allowed
                       NoVAH! SSH tunnel-fu - vbatts         8
Multiple Hops
This logic allows for spindly implementations

deez@nuts $> ssh -Nf -L 6001:next01.host:22 gateway.mysite.com
deez@nuts $> ssh -Nf -L 6002:next02.host:22 -p 6001 localhost
deez@nuts $> ssh -Nf -L 6003:next03.host:22 -p 6002 localhost
...




                       NoVAH! SSH tunnel-fu - vbatts             9
In Session


~#   List forwarded connections


~C Open command line.
     Primarily for -L, -R or -D and also
       -KR[bind_address:]port



                 NoVAH! SSH tunnel-fu - vbatts   10
To loopback or not?
●   the [bind_address] can be very handy
●   default bind_address is 127.0.0.1 (localhost)
●   ADVISORY: don't forget about your firewall configuration
●   ADVISORY: privileged ports require root
●   allows a local system to serve local traffic to a remote
    destination
    deez@lappy $> ssh -L0.0.0.0:3389:winderz.nuts.lan gateway.nuts.com




                         NoVAH! SSH tunnel-fu - vbatts              11
VIPs/multiple loopbacks
    mostly Linux only ;) and requires a bit of root
●   Use Case
         –   Saved sessions, configured for a specific hostname
               and port
●   ifconfig and /etc/hosts
●   setup
    deez@nuts #> ifconfig lo:0 127.0.0.2 netmask 255.255.254.0
●   teardown
    deez@nuts #> ifconfig lo:0 down


                        NoVAH! SSH tunnel-fu - vbatts            12
VIPs/multiple loopbacks
●   /etc/hosts
           127.0.0.2               host1.nuts.lan
           127.0.0.3               host2.nuts.lan
●   Forwards
    deez@nuts $> sudo ssh -l vbatts 
           -L127.0.0.2:80:host1.nuts.lan:80 
           -L127.0.0.3:80:host2.nuts.lan:80 
           gateway.nuts.com



                       NoVAH! SSH tunnel-fu - vbatts   13
Configurations
●   man page for ssh_config(5)
       –   ~/.ssh/config
       –   any file, then use the -f <file> approach
●   ExitOnForwardFailure
       –   is nice when you have a host setup, only
             needing to ensure forwards land properly
●   Host and HostName
       –   convenient for saving a custom setup, in a
             profile for a host
                     NoVAH! SSH tunnel-fu - vbatts      14
Proxying
●   Privoxy
    deez@lappy $> ssh -L8118:localhost:8118 myhome.dyndns.org
●   DNS Leakage :(
         –   Frequent and common
         –   [insert tor here]
                  ●   The Onion Router and helpers like torsocks
                       allow anonymized, encrypted and DNS leak-
                       safe traffic for a host of applications
                          –   https://www.torproject.org/
                          –   http://torsocks.googlecode.com/

                          NoVAH! SSH tunnel-fu - vbatts         15
Links and such
●   This talk
            –   http://slackware.com/~vbatts/things/20110314-NoVAH-ssh_tunnel_fu-vbatts.odp
●   PuTTY
            –   http://www.chiark.greenend.org.uk/~sgtatham/putty/
●   Linux shell for windows
            –   http://www.cygwin.com/
●   RTFM
            –   http://www.linuxmanpages.com/
●   TOR
            –   https://www.torproject.org/
            –   http://torsocks.googlecode.com/




                                  NoVAH! SSH tunnel-fu - vbatts                        16

Más contenido relacionado

La actualidad más candente

Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking ExplainedThomas Graf
 
Bh usa-01-kaminsky
Bh usa-01-kaminskyBh usa-01-kaminsky
Bh usa-01-kaminskyDan Kaminsky
 
HTTP/2 and SSL/TLS state of art in ASF servers
HTTP/2 and SSL/TLS state of art in ASF serversHTTP/2 and SSL/TLS state of art in ASF servers
HTTP/2 and SSL/TLS state of art in ASF serversJean-Frederic Clere
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSHHemant Shah
 
OpenStack networking
OpenStack networkingOpenStack networking
OpenStack networkingSim Janghoon
 
Linux Commands - Cheat Sheet
Linux Commands - Cheat Sheet Linux Commands - Cheat Sheet
Linux Commands - Cheat Sheet Isham Rashik
 
IPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingIPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingWido den Hollander
 
Demystifying MS17-010: Reverse Engineering the ETERNAL Exploits
Demystifying MS17-010: Reverse Engineering the ETERNAL ExploitsDemystifying MS17-010: Reverse Engineering the ETERNAL Exploits
Demystifying MS17-010: Reverse Engineering the ETERNAL ExploitsPriyanka Aash
 
Virtualized network with openvswitch
Virtualized network with openvswitchVirtualized network with openvswitch
Virtualized network with openvswitchSim Janghoon
 
Vigor 3910 docker firmware quick start
Vigor 3910 docker firmware quick startVigor 3910 docker firmware quick start
Vigor 3910 docker firmware quick startJimmy Tu
 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Diverajdeep
 
Offloading TC Rules on OVS Internal Ports
Offloading TC Rules on OVS Internal Ports Offloading TC Rules on OVS Internal Ports
Offloading TC Rules on OVS Internal Ports Netronome
 
Networking in linux
Networking in linuxNetworking in linux
Networking in linuxVarnnit Jain
 
Ssh
SshSsh
Sshgh02
 
Docker Networking
Docker NetworkingDocker Networking
Docker NetworkingWeaveworks
 

La actualidad más candente (20)

Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking Explained
 
Bh usa-01-kaminsky
Bh usa-01-kaminskyBh usa-01-kaminsky
Bh usa-01-kaminsky
 
HTTP/2 and SSL/TLS state of art in ASF servers
HTTP/2 and SSL/TLS state of art in ASF serversHTTP/2 and SSL/TLS state of art in ASF servers
HTTP/2 and SSL/TLS state of art in ASF servers
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSH
 
OpenStack networking
OpenStack networkingOpenStack networking
OpenStack networking
 
Linux Commands - Cheat Sheet
Linux Commands - Cheat Sheet Linux Commands - Cheat Sheet
Linux Commands - Cheat Sheet
 
OVS-NFV Tutorial
OVS-NFV TutorialOVS-NFV Tutorial
OVS-NFV Tutorial
 
IPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingIPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic Networking
 
Demystifying MS17-010: Reverse Engineering the ETERNAL Exploits
Demystifying MS17-010: Reverse Engineering the ETERNAL ExploitsDemystifying MS17-010: Reverse Engineering the ETERNAL Exploits
Demystifying MS17-010: Reverse Engineering the ETERNAL Exploits
 
OpenSSH tricks
OpenSSH tricksOpenSSH tricks
OpenSSH tricks
 
Virtualized network with openvswitch
Virtualized network with openvswitchVirtualized network with openvswitch
Virtualized network with openvswitch
 
Vigor 3910 docker firmware quick start
Vigor 3910 docker firmware quick startVigor 3910 docker firmware quick start
Vigor 3910 docker firmware quick start
 
SSH Tunneling Recipes
SSH Tunneling RecipesSSH Tunneling Recipes
SSH Tunneling Recipes
 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Dive
 
Offloading TC Rules on OVS Internal Ports
Offloading TC Rules on OVS Internal Ports Offloading TC Rules on OVS Internal Ports
Offloading TC Rules on OVS Internal Ports
 
Networking in linux
Networking in linuxNetworking in linux
Networking in linux
 
Ssh
SshSsh
Ssh
 
Snort
SnortSnort
Snort
 
Hacking the swisscom modem
Hacking the swisscom modemHacking the swisscom modem
Hacking the swisscom modem
 
Docker Networking
Docker NetworkingDocker Networking
Docker Networking
 

Similar a SSH Tunnel-Fu [NoVaH 2011]

Presentation nix
Presentation nixPresentation nix
Presentation nixfangjiafu
 
Presentation nix
Presentation nixPresentation nix
Presentation nixfangjiafu
 
Using Secure Shell on Linux: What Everyone Should Know
Using Secure Shell on Linux: What Everyone Should KnowUsing Secure Shell on Linux: What Everyone Should Know
Using Secure Shell on Linux: What Everyone Should KnowNovell
 
Wireshark OTG Extend your Wireshark with extcap.pdf
Wireshark OTG Extend your Wireshark with extcap.pdfWireshark OTG Extend your Wireshark with extcap.pdf
Wireshark OTG Extend your Wireshark with extcap.pdfMegumi Takeshita
 
WP-CLI Workshop at WordPress Meetup Cluj-Napoca
WP-CLI Workshop at WordPress Meetup Cluj-NapocaWP-CLI Workshop at WordPress Meetup Cluj-Napoca
WP-CLI Workshop at WordPress Meetup Cluj-Napoca4nd4p0p
 
SSH Tunneling
SSH TunnelingSSH Tunneling
SSH TunnelingThanh Tai
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commandsHanan Nmr
 
FreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverFreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverTomaz Muraus
 
Pushing a camel through the eye of a needle
Pushing a camel through the eye of a needlePushing a camel through the eye of a needle
Pushing a camel through the eye of a needleSensePost
 
HAProxy scale out using open source
HAProxy scale out using open sourceHAProxy scale out using open source
HAProxy scale out using open sourceIngo Walz
 
Unit 13 network client
Unit 13 network clientUnit 13 network client
Unit 13 network clientroot_fibo
 
Don't Get Hacked on Hostile WiFi
Don't Get Hacked on Hostile WiFiDon't Get Hacked on Hostile WiFi
Don't Get Hacked on Hostile WiFiMackenzie Morgan
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 
DCSF19 Hardening Docker daemon with Rootless mode
DCSF19 Hardening Docker daemon with Rootless modeDCSF19 Hardening Docker daemon with Rootless mode
DCSF19 Hardening Docker daemon with Rootless modeDocker, Inc.
 
Big Data in Container; Hadoop Spark in Docker and Mesos
Big Data in Container; Hadoop Spark in Docker and MesosBig Data in Container; Hadoop Spark in Docker and Mesos
Big Data in Container; Hadoop Spark in Docker and MesosHeiko Loewe
 

Similar a SSH Tunnel-Fu [NoVaH 2011] (20)

Presentation nix
Presentation nixPresentation nix
Presentation nix
 
Presentation nix
Presentation nixPresentation nix
Presentation nix
 
Using Secure Shell on Linux: What Everyone Should Know
Using Secure Shell on Linux: What Everyone Should KnowUsing Secure Shell on Linux: What Everyone Should Know
Using Secure Shell on Linux: What Everyone Should Know
 
Wireshark OTG Extend your Wireshark with extcap.pdf
Wireshark OTG Extend your Wireshark with extcap.pdfWireshark OTG Extend your Wireshark with extcap.pdf
Wireshark OTG Extend your Wireshark with extcap.pdf
 
WP-CLI Workshop at WordPress Meetup Cluj-Napoca
WP-CLI Workshop at WordPress Meetup Cluj-NapocaWP-CLI Workshop at WordPress Meetup Cluj-Napoca
WP-CLI Workshop at WordPress Meetup Cluj-Napoca
 
SSH Tunneling
SSH TunnelingSSH Tunneling
SSH Tunneling
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commands
 
FUSE Filesystems
FUSE FilesystemsFUSE Filesystems
FUSE Filesystems
 
Adhocr T-dose 2012
Adhocr T-dose 2012Adhocr T-dose 2012
Adhocr T-dose 2012
 
FreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverFreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 server
 
Pushing a camel through the eye of a needle
Pushing a camel through the eye of a needlePushing a camel through the eye of a needle
Pushing a camel through the eye of a needle
 
HAProxy scale out using open source
HAProxy scale out using open sourceHAProxy scale out using open source
HAProxy scale out using open source
 
Unit 13 network client
Unit 13 network clientUnit 13 network client
Unit 13 network client
 
Don't Get Hacked on Hostile WiFi
Don't Get Hacked on Hostile WiFiDon't Get Hacked on Hostile WiFi
Don't Get Hacked on Hostile WiFi
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode
 
DCSF19 Hardening Docker daemon with Rootless mode
DCSF19 Hardening Docker daemon with Rootless modeDCSF19 Hardening Docker daemon with Rootless mode
DCSF19 Hardening Docker daemon with Rootless mode
 
Pound Varnish
Pound VarnishPound Varnish
Pound Varnish
 
Big Data in Container; Hadoop Spark in Docker and Mesos
Big Data in Container; Hadoop Spark in Docker and MesosBig Data in Container; Hadoop Spark in Docker and Mesos
Big Data in Container; Hadoop Spark in Docker and Mesos
 
Sshstuff
SshstuffSshstuff
Sshstuff
 
0507 057 01 98 * Adana Klima Servisleri
0507 057 01 98 * Adana Klima Servisleri0507 057 01 98 * Adana Klima Servisleri
0507 057 01 98 * Adana Klima Servisleri
 

Último

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 

Último (20)

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 

SSH Tunnel-Fu [NoVaH 2011]

  • 1. SSH tunnel-fu NoVAH! March 2011 Vincent Batts (vbatts)
  • 2. Disclaimer ● Linux and console -centric ● Usage Info: that is all this is, nothing more NoVAH! SSH tunnel-fu - vbatts 2
  • 3. Tidbit Info ● privileged ports are up to 1023 ● ports available are up to 65535 (sizeof an int) – per interface ;) NoVAH! SSH tunnel-fu - vbatts 3
  • 4. Forwards ● Garden hose grappling hook ● Types – Local – Remote – Dynamic NoVAH! SSH tunnel-fu - vbatts 4
  • 5. Forwards ● Garden hose grappling hook ● Types – Local - what you would like to be locally available, from a remote host – Remote - what you would like to be remotely available, from a remote host – Dynamic – application-level port forwarding NoVAH! SSH tunnel-fu - vbatts 5
  • 6. Forwards ● Local – ssh flag: -L [bind_address:]port:host:hostport – ssh_config: LocalForward ● Remote – ssh flag: -R [bind_address:]port:host:hostport – ssh_config: RemoteForward ● Dynamic – ssh flag: -D [bind_address:]port – ssh_config: DynamicForward – Currently SOCKS4 and SOCKS5 proxy allowed NoVAH! SSH tunnel-fu - vbatts 6
  • 7. Forwards ● Local – ssh flag: -L [bind_address:]port:host:hostport – ssh_config: LocalForward ● Remote – ssh flag: -R [bind_address:]port:host:hostport – ssh_config: RemoteForward ● Dynamic – ssh flag: -D [bind_address:]port – ssh_config: DynamicForward – Currently SOCKS4 and SOCKS5 proxy allowed NoVAH! SSH tunnel-fu - vbatts 7
  • 8. Forwards ● Local – ssh flag: -L [bind_address:]port:host:hostport – ssh_config: LocalForward ● Remote – ssh flag: -R [bind_address:]port:host:hostport – ssh_config: RemoteForward ● Dynamic – ssh flag: -D [bind_address:]port – ssh_config: DynamicForward – Currently SOCKS4 and SOCKS5 proxy allowed NoVAH! SSH tunnel-fu - vbatts 8
  • 9. Multiple Hops This logic allows for spindly implementations deez@nuts $> ssh -Nf -L 6001:next01.host:22 gateway.mysite.com deez@nuts $> ssh -Nf -L 6002:next02.host:22 -p 6001 localhost deez@nuts $> ssh -Nf -L 6003:next03.host:22 -p 6002 localhost ... NoVAH! SSH tunnel-fu - vbatts 9
  • 10. In Session ~# List forwarded connections ~C Open command line. Primarily for -L, -R or -D and also -KR[bind_address:]port NoVAH! SSH tunnel-fu - vbatts 10
  • 11. To loopback or not? ● the [bind_address] can be very handy ● default bind_address is 127.0.0.1 (localhost) ● ADVISORY: don't forget about your firewall configuration ● ADVISORY: privileged ports require root ● allows a local system to serve local traffic to a remote destination deez@lappy $> ssh -L0.0.0.0:3389:winderz.nuts.lan gateway.nuts.com NoVAH! SSH tunnel-fu - vbatts 11
  • 12. VIPs/multiple loopbacks mostly Linux only ;) and requires a bit of root ● Use Case – Saved sessions, configured for a specific hostname and port ● ifconfig and /etc/hosts ● setup deez@nuts #> ifconfig lo:0 127.0.0.2 netmask 255.255.254.0 ● teardown deez@nuts #> ifconfig lo:0 down NoVAH! SSH tunnel-fu - vbatts 12
  • 13. VIPs/multiple loopbacks ● /etc/hosts 127.0.0.2 host1.nuts.lan 127.0.0.3 host2.nuts.lan ● Forwards deez@nuts $> sudo ssh -l vbatts -L127.0.0.2:80:host1.nuts.lan:80 -L127.0.0.3:80:host2.nuts.lan:80 gateway.nuts.com NoVAH! SSH tunnel-fu - vbatts 13
  • 14. Configurations ● man page for ssh_config(5) – ~/.ssh/config – any file, then use the -f <file> approach ● ExitOnForwardFailure – is nice when you have a host setup, only needing to ensure forwards land properly ● Host and HostName – convenient for saving a custom setup, in a profile for a host NoVAH! SSH tunnel-fu - vbatts 14
  • 15. Proxying ● Privoxy deez@lappy $> ssh -L8118:localhost:8118 myhome.dyndns.org ● DNS Leakage :( – Frequent and common – [insert tor here] ● The Onion Router and helpers like torsocks allow anonymized, encrypted and DNS leak- safe traffic for a host of applications – https://www.torproject.org/ – http://torsocks.googlecode.com/ NoVAH! SSH tunnel-fu - vbatts 15
  • 16. Links and such ● This talk – http://slackware.com/~vbatts/things/20110314-NoVAH-ssh_tunnel_fu-vbatts.odp ● PuTTY – http://www.chiark.greenend.org.uk/~sgtatham/putty/ ● Linux shell for windows – http://www.cygwin.com/ ● RTFM – http://www.linuxmanpages.com/ ● TOR – https://www.torproject.org/ – http://torsocks.googlecode.com/ NoVAH! SSH tunnel-fu - vbatts 16