Useful Commands/Security: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 20: | Line 20: | ||
| Share MariaDB || | | Share MariaDB || | ||
<source lang="bash"> | <source lang="bash"> | ||
# Step 1: Listen (Run at | # Step 1: Listen (Run at LAN) | ||
# Listen server:13306 -> server:22 | # Listen server:13306 -> server:22 | ||
# -> localhost:3306 | # -> localhost:3306 | ||
ssh -NCfR 13306:localhost:3306 server | ssh -NCfR 13306:localhost:3306 server | ||
# Step 2: Share (Run at | # Step 2: Share (Run at Home/WAN) | ||
# any -> server:3306 | # any -> server:3306 | ||
# -> server:13306 | # -> server:13306 | ||
| Line 42: | Line 42: | ||
ssh -NCfR 10053:localhost:10053 server | ssh -NCfR 10053:localhost:10053 server | ||
# [ | # [Web Proxy] | ||
# Step 1: Listen (Run at LAN) | |||
# Listen server:13128 -> server:22 | |||
# -> localhost:3128 | |||
ssh -NCfR 13128:localhost:3128 server | ssh -NCfR 13128:localhost:3128 server | ||
# Step 2: Share (Run at Home/WAN) | |||
# any -> server:3128 | |||
# -> server:13128 | |||
# -> server:22 | |||
# -> localhost:3128 | |||
ssh -NCfL *:3128:localhost:13128 localhost | |||
</source> | </source> | ||
|- | |- | ||
Revision as of 06:08, 21 February 2019
| 情境 | 指令 |
|---|---|
| Indirect Outgoing |
# [Private]
# localhost -> localhost:8888
# -> server:22
# -> somewhere.com:80
ssh -NCfL 127.0.0.1:8888:somewhere.com:80 server
# [Shared]
# any -> *:8888
# -> server:22
# -> somewhere.com:80
ssh -NCfL *:8888:somewhere.com:80 server
|
| Share MariaDB |
# Step 1: Listen (Run at LAN)
# Listen server:13306 -> server:22
# -> localhost:3306
ssh -NCfR 13306:localhost:3306 server
# Step 2: Share (Run at Home/WAN)
# any -> server:3306
# -> server:13306
# -> server:22
# -> localhost:3306
ssh -NCfL *:3306:localhost:13306 localhost
|
| Share DNS and Web Proxy |
# [Share DNS service]
# server:53(udp) -> server:10053(tcp)
# -> server:22(tcp)
# -> localhost:10053(tcp)
# -> dns:53(udp)
ssh -NCfR 10053:localhost:10053 server
# [Web Proxy]
# Step 1: Listen (Run at LAN)
# Listen server:13128 -> server:22
# -> localhost:3128
ssh -NCfR 13128:localhost:3128 server
# Step 2: Share (Run at Home/WAN)
# any -> server:3128
# -> server:13128
# -> server:22
# -> localhost:3128
ssh -NCfL *:3128:localhost:13128 localhost
|
| SOCKS Relay Proxy |
# [Private]
# localhost -> localhost:3128
# -> server:22
# -> *:*
ssh -NCfD localhost:3128 server
# [Shared]
# any -> *:3128
# -> server:22
# -> *:*
ssh -NCfD *:3128 server
|
| List tunnels |
# List full commands.
ps ax | awk '/ssh \-NCf/ { print $0 }'
# List settings.
ps ax | awk '/ssh \-NCf/ { print $7 }'
# List pids.
ps ax | awk '/ssh \-NCf/ { print $1 }'
# Kill all tunnels.
kill $(ps ax | awk '/ssh \-NCf/ { print $1 }')
|
| Generate key pair |
# Save as default name id_rsa, id_rsa.pub
ssh-keygen
# Save as thefuck, thefuck.pub without password
ssh-keygen -f abc -N ''
# Save as thefuck, thefuck.pub with password
ssh-keygen -f abc -N '12345'
|
| Generate public key from private key |
# Dump
ssh-keygen -yf thefuck.pem
# Save as file
ssh-keygen -yf thefuck.pem > thefuck.pub
# Save as authorized_keys (while ~/.ssh/authorized_keys didn't exist)
ssh-keygen -yf thefuck.pem > authorized_keys
# Append into authorized_keys
ssh-keygen -yf thefuck.pem >> authorized_keys
|