Useful Commands/Security: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 18: | Line 18: | ||
</source> | </source> | ||
|- | |- | ||
| | | Share MariaDB service || | ||
<source lang="bash"> | <source lang="bash"> | ||
# Step 1: Listen (Run at office) | # Step 1: Listen (Run at office) | ||
# Listen server:13306 -> server:22 | # Listen server:13306 -> server:22 | ||
| Line 32: | Line 31: | ||
# -> localhost:3306 | # -> localhost:3306 | ||
ssh -NCfL *:3306:localhost:13306 localhost | ssh -NCfL *:3306:localhost:13306 localhost | ||
</source> | |||
|- | |||
| Share DNS and Web services || | |||
<source lang="bash"> | |||
# [Share DNS service] | # [Share DNS service] | ||
# server:53(udp) -> server:10053(tcp) | # server:53(udp) -> server:10053(tcp) | ||
Revision as of 06:00, 21 February 2019
| 情境 | 指令 |
|---|---|
| Indirect Outgoing |
# [Private]
# localhost -> localhost:8888
# -> server:22
# -> somewhere.com:80
ssh -NCfL 127.0.0.1:8888:somewhere.com:80 server
# [Shared]
# any -> *:8888
# -> server:22
# -> somewhere.com:80
ssh -NCfL *:8888:somewhere.com:80 server
|
| Share MariaDB service |
# Step 1: Listen (Run at office)
# Listen server:13306 -> server:22
# -> localhost:3306
ssh -NCfR 13306:localhost:3306 server
# Step 2: Share (Run at home/cloud)
# any -> server:3306
# -> server:13306
# -> server:22
# -> localhost:3306
ssh -NCfL *:3306:localhost:13306 localhost
|
| Share DNS and Web services |
# [Share DNS service]
# server:53(udp) -> server:10053(tcp)
# -> server:22(tcp)
# -> localhost:10053(tcp)
# -> dns:53(udp)
ssh -NCfR 10053:localhost:10053 server
# [Share SOCKS service]
ssh -NCfR 13128:localhost:3128 server
|
| SOCKS Relay Proxy |
# [Private]
# localhost -> localhost:3128
# -> server:22
# -> *:*
ssh -NCfD localhost:3128 server
# [Shared]
# any -> *:3128
# -> server:22
# -> *:*
ssh -NCfD *:3128 server
|
| List tunnels |
# List full commands.
ps ax | awk '/ssh \-NCf/ { print $0 }'
# List settings.
ps ax | awk '/ssh \-NCf/ { print $7 }'
# List pids.
ps ax | awk '/ssh \-NCf/ { print $1 }'
# Kill all tunnels.
kill $(ps ax | awk '/ssh \-NCf/ { print $1 }')
|
| Generate key pair |
# Save as default name id_rsa, id_rsa.pub
ssh-keygen
# Save as thefuck, thefuck.pub without password
ssh-keygen -f abc -N ''
# Save as thefuck, thefuck.pub with password
ssh-keygen -f abc -N '12345'
|
| Generate public key from private key |
# Dump
ssh-keygen -yf thefuck.pem
# Save as file
ssh-keygen -yf thefuck.pem > thefuck.pub
# Save as authorized_keys (while ~/.ssh/authorized_keys didn't exist)
ssh-keygen -yf thefuck.pem > authorized_keys
# Append into authorized_keys
ssh-keygen -yf thefuck.pem >> authorized_keys
|