ssh> -L 5000:localhost:5000

Scenario: host1 is accessible from the local machine, but host2 is only accessible from host1, and host 3 only through host2.

Host host1
  HostName host1.example.com
Host host2
  ProxyCommand ssh -q host1 nc -q0 host2 %p
Host host3
  ProxyCommand ssh -q host2 nc -q0 %h %p
ssh -A -t host1.example.com ssh -A -t host2 ssh -A host3

So traffic over 443 appears to be SSL, and therefore not triggering IDS. See also stunnel or Proxytunnel for alternative setups.

ssh -o ProxyCommand="openssl s_client -host <H> -port <P>" ...
mv ~/.ssh/id_rsa ~/.ssh/id_rsa.old
openssl pkcs8 -topk8 -v2 des3 -in ~/.ssh/id_rsa.old -out ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
# Check that the converted key works; if yes, delete the old one:
rm ~/.ssh/id_rsa.old
smbclient -U "DOMAIN\user" //dc.domain.com/share/test/dir
echo "some text" | sudo tee -a /path/file
ssh gw tcpdump -i eth3 -U -s0 -w - 'tcp port 80' | wireshark -k -w /tmp/gw.cap -b filesize:50000 -b files:10 -i -
chmod go-w $HOME $HOME/.ssh
chmod 600 $HOME/.ssh/authorized_keys
chown `whoami` $HOME/.ssh/authorized_keys
autossh -M 0 -fN foo
  • unix/ssh.txt
  • Last modified: 2020-08-03T22:29:39+0200
  • by Wolfgang