
# Reverse SSH


## Examples

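```
# -f: go to background after authentication, -N: do not run a remote command
# -R bind_address:port:host:hostport
#    the public host listens on bind_address:port and forwards to host:hostport as seen from this machine
ssh -fN -R 0.0.0.0:PUBLIC_PORT:localhost:INTERNAL_PORT PUBLIC_HOST_USERNAME@PUBLIC_HOST_IP_OR_DOMAIN

ssh -fN -R 0.0.0.0:4480:localhost:80 admin@example.com # internet -> example.com:4480 -> mypc:80
ssh -fN -R 0.0.0.0:4422:localhost:22 admin@example.com # internet -> example.com:4422 -> mypc:22
```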


## Expose reverse ssh tunnel on internet (your choice)

Note that *if you use the OpenSSH `sshd` server, the server's `GatewayPorts` option must be enabled* (set to `yes` or `clientspecified`) for this to work; check the file `/etc/ssh/sshd_config` on the server. Otherwise (the default value for this option is `no`), the server always forces the port to be bound on the loopback interface only.

TL;DR:

If you want to expose a reverse SSH tunnel on the internet, enable the `GatewayPorts` option on the public server.

Otherwise, the reverse SSH tunnel is not visible on the internet.
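
The rule above as a runnable sketch (an added example, not code from the original post): it reads the global `GatewayPorts` value from an sshd_config-style file and reports where the server would bind a `-R` listener. The function names and the sample config are constructed for illustration; `Include` files and `Match` blocks are not evaluated.

```shell
#!/bin/sh
# Print the global GatewayPorts value from an sshd_config-style file.
# sshd keeps the first value it reads for a keyword; the default is "no".
# Assumption: Include files and Match blocks are ignored in this sketch.
effective_gateway_ports() {
    awk '
        { sub(/=/, " ") }                      # "Keyword=value" is accepted too
        tolower($1) == "match" { exit }        # global section ends at the first Match
        tolower($1) == "gatewayports" { print $2; found = 1; exit }
        END { if (!found) print "no" }
    ' "$1"
}

# Where the server binds the listener for "ssh -R BIND:port:host:hostport".
# $1 = GatewayPorts value, $2 = bind address requested by the client.
remote_listen_address() {
    case "$1" in
        yes)             echo "0.0.0.0" ;;     # always the wildcard address
        clientspecified) echo "$2" ;;          # the client's bind address is honoured
        *)               echo "127.0.0.1" ;;   # "no": forced to loopback
    esac
}

# Constructed sample config (not taken from a real server).
demo() {
    cfg=$(mktemp)
    printf '%s\n' '#GatewayPorts no' 'Port 22' 'GatewayPorts clientspecified' > "$cfg"
    gp=$(effective_gateway_ports "$cfg")
    echo "GatewayPorts=$gp -> listener on $(remote_listen_address "$gp" 0.0.0.0):4480"
    rm -f "$cfg"
}
demo
```

On a live server, `sshd -T` prints the effective configuration, including `gatewayports`.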


## SSH login without password (optional)


Run the `ssh-keygen` command on the local machine. DO NOT ENTER A PASSPHRASE!

```
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa): 
Created directory '/home/a/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/a/.ssh/id_rsa.
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
```

Copy the generated public key to the public server:

`cat ~/.ssh/id_rsa.pub | ssh admin@example.com 'cat >> .ssh/authorized_keys'`


