Tunneling

• port forward local port to remote host via ssh ssh -o StrictHostKeyChecking -T -R 8800:localhost:8899 [email protected] -i trash this command is run on in between machine. This makes port 8899 available on the attacker machine being shhd into on port 8800. This was done using an ssh key for ease of use.
• Tunnel a local port on the attacker machine to a remote port via ssh ssh -N -L 0.0.0.0:8800:10.0.17.200:8899 [email protected]@10.0.17.200. For example, this makes 8800 on the attacker machine tunneled through ssh to 10.0.17.200:8899.
• Making a nonpasswd ssh key. ssh-keygen -N "" -C "tmp" -f "tmp"