ssh> -L 5000:localhost:5000
ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no myhost

Scenario: ''host1 is accessible from the local machine, but host2 is only accessible from host1, and host 3 only through host2''.

Host host1
  HostName host1.example.com
Host host2
  ProxyCommand ssh -q host1 nc -q0 host2 %p
Host host3
  ProxyCommand ssh -q host2 nc -q0 %h %p
ssh -A -t host1.example.com ssh -A -t host2 ssh -A host3

So traffic over 443 appears to be SSL, and therefore not triggering IDS. See also stunnel or Proxytunnel for alternative setups.

ssh -o ProxyCommand="openssl s_client -host <H> -port <P>" ...
mv ~/.ssh/id_rsa ~/.ssh/id_rsa.old
openssl pkcs8 -topk8 -v2 des3 -in ~/.ssh/id_rsa.old -out ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
# Check that the converted key works; if yes, delete the old one:
rm ~/.ssh/id_rsa.old
smbclient -U "DOMAIN\user" //dc.domain.com/share/test/dir
echo "some text" | sudo tee -a /path/file
ssh gw tcpdump -i eth3 -U -s0 -w - 'tcp port 80' | wireshark -k -w /tmp/gw.cap -b filesize:50000 -b files:10 -i -
chmod go-w $HOME $HOME/.ssh
chmod 600 $HOME/.ssh/authorized_keys
chown `whoami` $HOME/.ssh/authorized_keys
autossh -M 0 -fN foo

systemd integration (e.g. /etc/systemd/system/autossh.service)

Description=AutoSSH tunnel service

[Service] Environment="AUTOSSH_GATETIME=0"
ExecStart=/usr/bin/autossh -M 0 -N mysshserver.example.com  -L 25: -R 2222:localhost:22

[Install] WantedBy=multi-user.target
ssh-keygen -C "foo@bar.com" -t rsa -b 4096 -a 500 -f ~/.ssh/id_rsa_foo_2021
  • unix/ssh.txt
  • Last modified: 2021-05-05T09:43:21+0200
  • by Wolfgang