SSH Tunnels

Bypassing firewalls

Use this when only HTTP (port 80) or HTTPS (port 443) is allowed out of the network. It is also useful for obfuscating traffic from your machine.

You'll need to have server1 listening for SSH connections on port 80 or 443; we'll assume 443 here. From there you can create a SOCKS proxy using ssh. The optional '-g' parameter (not used in the commands below) allows remote machines to share this proxy, which means any host that can reach port 8080 on your machine can use it.

ssh -D 8080 -p 443 seven@server1.com

or using PuTTY

putty.exe -D 8080 -P 443 -ssh user@server1.com

The SOCKS proxy will be at localhost:8080 and can be configured in Firefox/IE's internet settings or in any application that supports it.
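
The defender's view of the setup above, as an added example that is not part of the original page: a port-based egress rule cannot tell sshd on 443 from HTTPS, but the first bytes of the stream can, because SSH opens with a plaintext identification string (RFC 4253) while TLS opens with a handshake record. The function names and all sample payloads are constructed for illustration.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion[ SP comments] CR LF"
SSH_ID = re.compile(
    rb"^SSH-(\d+\.\d+)-([\x21-\x2c\x2e-\x7e]+)(?: [^\r\n]*)?\r?\n", re.M)

# Constructed sample payloads (the first bytes seen on a TCP stream).
SAMPLE_TLS = bytes.fromhex("1603010200010001fc0303")  # start of a TLS ClientHello
SAMPLE_SSH = b"SSH-2.0-OpenSSH_9.6\r\n"
SAMPLE_SSH_PREAMBLE = b"Welcome to gateway\r\nSSH-2.0-dropbear_2022.83\r\n"
SAMPLE_HTTP = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"


def classify(payload: bytes) -> dict:
    """Classify the start of a TCP stream as 'tls', 'ssh' or 'unknown'."""
    # TLS record header: type 0x16 (handshake), version 3.0-3.4, 2-byte length.
    if (len(payload) >= 5 and payload[0] == 0x16
            and payload[1] == 0x03 and payload[2] <= 0x04):
        return {"proto": "tls", "record_len": int.from_bytes(payload[3:5], "big")}
    # A server may send other text lines before its identification string,
    # so match at any line start within the first 1 KiB, not only at offset 0.
    m = SSH_ID.search(payload[:1024])
    if m:
        return {"proto": "ssh",
                "version": m.group(1).decode("ascii"),
                "software": m.group(2).decode("ascii")}
    return {"proto": "unknown"}


def flag_ssh_on_web_ports(flows):
    """flows: iterable of (dst_port, first_payload).

    Return (port, software) for flows whose port says web but whose bytes say SSH.
    """
    hits = []
    for port, data in flows:
        info = classify(data)
        if port in (80, 443) and info["proto"] == "ssh":
            hits.append((port, info["software"]))
    return hits


if __name__ == "__main__":
    flows = [(443, SAMPLE_TLS), (443, SAMPLE_SSH),
             (22, SAMPLE_SSH), (80, SAMPLE_HTTP)]
    print(flag_ssh_on_web_ports(flows))
```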

Reverse tunnels

Create a (reverse) tunnel so server2 can be reached later even if it is NAT'd or behind a firewall.

This runs on server2 (the server behind the firewall) and connects to server1 (the same external server we used above). You can append a ping statement to the end of the ssh command to keep the connection alive over longer periods.

ssh -p 443 -R 12345:localhost:22 user@server1.com

Now, from SERVER1 outside the firewall we can connect back into SERVER2 by typing:

ssh localhost -p 12345

SSH key login

Generate keys on the client machine:

ssh-keygen -t rsa

Copy the public key (id_rsa.pub) to the server:

cat .ssh/id_rsa.pub | ssh user@server 'cat >> .ssh/authorized_keys'

Confirm permissions are correct on the created file:

ssh user@server "chmod 700 .ssh; chmod 640 .ssh/authorized_keys"

SSH Fingerprint

Some services want a server's SSH fingerprint. You can generate it in the format they usually want with this command:

cut -d ' ' -f 2 < /etc/ssh/ssh_host_rsa_key.pub  | base64 -d | openssl dgst -c -sha1