Here are some ssh things I've jotted down.
Add ssh key based auth to remote server
cat /home/user/.ssh/id_rsa.pub | ssh email@example.com 'cat >> ~/.ssh/authorized_keys'
~/.ssh/authorized_keys must have the correct permissions otherwise it will be ignored by ssh:
chmod 0700 ~/.ssh chmod 0600 ~/.ssh/authorized_keys
Simple reverse shell
From the initializing system run something like:
# Initialzing System ssh -R 12345:localhost:22 receiver_user@receiver_system
This will forward the ssh tunnel to port 12345 on the receiver to the local port 22 proving ssh access.
On the receiver the connection can be completed by connecting locally
# Receiver connecting back through tunnel ssh initializing_user@localhost -p 12345
Setting up SSH Agent forwarding
Note from Crunchbang Client w/ agent + Ubuntu server with forwarding.
On the machine with the key to be forwarded
vi ~/.ssh/config and add
Host machine.to.forward.through.com ForwardAgent yes
At the command line add an identity the ssh agent:
# check identities with ssh-add -L ssh-add id_rsa
Seems like there is probably a different way to permanently add identities, but for now this seems to work.
On the system which will be forwarded through go into
Confirm on both systems that this command returns something like this once an SSH connection has been established.:
user@host:~$ echo "$SSH_AUTH_SOCK" /tmp/ssh-EJjvLb2203/agent.2203
Note: if this isn't working make sure that
overriding these settings