cyo5ea
Last Updated: February 25, 2016
·
408
· poupougnac

SSH on Linux, what you can and should do

SSH is not just a remote terminal of a server. You can create a web proxy (tunneling) and even reverse tunneling (access to a computer behind a router or a firewall).
But please avoid to access to your server through password authentication, use an RSA key with a passphrase. It's easy and convenient, specially if you have several server.

Generate and RSA key :

ssh-keygen -t rsa
  • My private key is generate in ~/ssh/id_rsa (highly confidential file)
  • My public key is generate in ~/ssh/id_rsa.pub

We want to put our public key on the server :

ssh-copy-id -i ~/.ssh/id_rsa.pub login@ip_server

If your SSH connection is on an other port than 22 :

ssh-copy-id -i ~/.ssh/id_rsa.pub "-p port login@ip_server"

ssh-copy-id will add to ~/.ssh/authorized_keys your public key on the server

That's it. If you change your key under GNOME, don't forget to log out then log back in your session.

How to create a reverse tunneling ? From a server, enter :

ssh -R 1234:127.0.0.1:22 root@home

Maintain the SSH session, go @home and try to connect on :

ssh user@remote_ip -p 1234

How to maintain a reverse tunneling open ? With autossh which will reconnect if something bad happen :

autossh -p 443 -R 1234:localhost:22 pierrot@my_ip

1 Response
Add your response

8213

sometimes we need to put the port option before the host <br/>
ssh -p 1234 user@remote_ip

over 1 year ago ·