SSH - nimrody/knowledgebase GitHub Wiki

Using SSH

  • ssh login without password

    ssh user@host "mkdir -p .ssh && cat >> .ssh/authorized_keys" < ~/.ssh/id_rsa.pub
    http://tychoish.com/rhizome/9-awesome-ssh-tricks/
    http://news.ycombinator.com/item?id=3011947
    brew install ssh-copy-id # on os x
    
  • Remote (-R) port forwarding

    expose a local port to remote machine

    ssh -R *:2222:localhost:22 nimrody.com
    

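    This forwards all connections to port 2222 on nimrody.com to localhost:22 (sshd). The * means all interfaces; otherwise the default is localhost only. Binding to a non-loopback address only takes effect if GatewayPorts is enabled in the server's sshd_config.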

  • Local port forwarding

    Expose a remote port as a local port (all connections to the local port are forwarded to the port on the remote machine). For example, connect to a remote SQL server as if it were local (assuming it blocks connections from outside except from localhost).

    Or expose JVM debug ports on a remote machine as local

    Can expose an inaccessible host on VPN if we can SSH into the gateway:

    local=localhost:1234 (or just 1234)
    remote=private_host:443 (private host not accessible from outside the private network)
    ssh -L ${local}:${remote} gateway-public-host
    
  • Socks5 Proxy

    Tunnel all connections through the gateway machine (then set up your browser to use SOCKS on 127.0.0.1:8123)

    ssh -fNn -D 8123 gateway-hostname
    curl --socks5-hostname localhost:8123 some-host-we-cannot-access
    

    (the above will go through the gateway)

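  • Agent forwarding: ssh -A hostname forwards access to my local ssh-agent to hostname so I can ssh from there. The private key itself stays on my machine, but anyone with root on hostname can use the agent while the connection is open.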

  • SSH escape character

    Recognized only after a newline; defaults to ~

    ~? - help
    ~. - terminate connection
    ~C - command line

  • Proxy connection using another host

    Host tensera
      #ProxyCommand ssh nimrody.com nc localhost 22222
      ProxyCommand ssh nimrody.com -W localhost:22222
    

    (the above assumes nimrody.com has something listening on port 22222)

  • SSH information

  • Setting up a certificate authority
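
Added example (not from the original page): a POSIX sh function that works out where sshd binds the listener for an `ssh -R` spec such as the one in the remote forwarding item above, following the GatewayPorts semantics documented in sshd_config(5). The function name and the sample specs are constructed for illustration; IPv6 bind addresses are not handled.

```sh
#!/bin/sh
# remote_forward_scope SPEC GATEWAYPORTS   (hypothetical helper, not part of OpenSSH)
#   SPEC          argument of ssh -R: [bind_address:]port:host:hostport
#   GATEWAYPORTS  the server's sshd_config value: no | yes | clientspecified
# Prints where sshd will listen: loopback, all-interfaces or address:<addr>.
# Returns 2 on input it does not understand.
remote_forward_scope() {
    spec=$1
    gw=$2
    case $spec in
        *:*:*:*:*) echo "unsupported spec: $spec" >&2; return 2 ;;
        *:*:*:*)   has_bind=1; bind=${spec%%:*} ;;   # bind address given
        *:*:*)     has_bind=0; bind= ;;              # port:host:hostport only
        *)         echo "unsupported spec: $spec" >&2; return 2 ;;
    esac
    case $gw in
        no)  echo loopback ;;        # server forces local-only listeners
        yes) echo all-interfaces ;;  # server forces the wildcard address
        clientspecified)
            if [ "$has_bind" -eq 0 ]; then
                echo loopback        # no bind address requested: default
            else
                case $bind in
                    ''|'*'|0.0.0.0)  echo all-interfaces ;;
                    localhost|127.*) echo loopback ;;
                    *)               echo "address:$bind" ;;
                esac
            fi ;;
        *) echo "unknown GatewayPorts value: $gw" >&2; return 2 ;;
    esac
}

# Constructed inputs: the page's command plus variants, under each setting.
for gw in no clientspecified yes; do
    for spec in '*:2222:localhost:22' '2222:localhost:22' \
                ':2222:localhost:22' '10.0.0.5:2222:localhost:22'; do
        printf '%-28s %-30s %s\n' "GatewayPorts=$gw" "-R $spec" \
            "$(remote_forward_scope "$spec" "$gw")"
    done
done
```

On a real server the effective value can be read with `sshd -T | grep -i gatewayports` and passed as the second argument.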