Here are some ssh things I've jotted down.

Add ssh key based auth to remote server

cat /home/user/.ssh/ | ssh 'cat >> ~/.ssh/authorized_keys'

Note: ~/.ssh/authorized_keys must have the correct permissions otherwise it will be ignored by ssh:

chmod 0700 ~/.ssh
chmod 0600 ~/.ssh/authorized_keys

Simple reverse shell

From the initializing system run something like:

# Initialzing System
ssh -R 12345:localhost:22 receiver_user@receiver_system

This will forward the ssh tunnel to port 12345 on the receiver to the local port 22 proving ssh access.

On the receiver the connection can be completed by connecting locally

# Receiver connecting back through tunnel
ssh initializing_user@localhost -p 12345

Setting up SSH Agent forwarding

Note from Crunchbang Client w/ agent + Ubuntu server with forwarding.

On the machine with the key to be forwarded vi ~/.ssh/config and add

  ForwardAgent yes

At the command line add an identity the ssh agent:

# check identities with
ssh-add -L
ssh-add id_rsa

Seems like there is probably a different way to permanently add identities, but for now this seems to work.

On the system which will be forwarded through go into /etc/ssh/sshd_config and add AllowAgentForwarding yes.

Confirm on both systems that this command returns something like this once an SSH connection has been established.:

user@host:~$ echo "$SSH_AUTH_SOCK"

Note: if this isn't working make sure that /etc/ssh/ssh_config isn't overriding these settings