Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » computing » linux » ssh
Trace:
computing:linux:ssh

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
computing:linux:ssh [2012/03/07 10:56]
gcooper 		computing:linux:ssh [2018/01/15 11:57] (current)
gcooper
Line 1: Line 1:
 ====== SSH ====== ====== SSH ======
  
-===== Set Up SSH Keys ===== +See also **[[computing:linux:ssh_keys|Set Up SSH Keys]]**
- +
-See [[computing:linux:ssh_keys|Set Up SSH Keys]].+
  
 ===== Troubleshooting ===== ===== Troubleshooting =====
 +
 +Verbose:
  
 <file> <file>
 ssh -v ... ssh -v ...
 +</file>
 +
 +Modify the MTU on your remote workstation PC to eliminate fragmentation (MTU mismatch):
 +
 +<file>
 +ifconfig eth0 mtu 576
 </file> </file>
  
Line 28: Line 34:
  
 <file> <file>
-chmod 600 /home/gcooper/.ssh/config+chmod 600 /home/username/.ssh/config 
 +</file> 
 + 
 +==== Unknown Terminal Type ==== 
 + 
 +If you get an error message "unknown terminal type", you can try specifying a different terminal like this: 
 + 
 +<file> 
 +TERM=xterm-color ssh -l username remote.host.name
 </file> </file>
  
Line 41: Line 55:
  
 service sshd restart service sshd restart
 +</file>
 +
 +==== Additional for EL7 ====
 +
 +Install ''semanage'' if it is not installed and allow ssh on your port:
 +
 +<file>
 +sudo yum install policycoreutils-python
 +
 +semanage port -a -t ssh_port_t -p tcp 2222
 </file> </file>
  
 ===== Reverse Tunnels ===== ===== Reverse Tunnels =====
 +
 +http://www.howtoforge.com/reverse-ssh-tunneling
  
 http://www.alexonlinux.com/reverse-ssh-tunnel-or-connecting-to-computer-behind-nat-router http://www.alexonlinux.com/reverse-ssh-tunnel-or-connecting-to-computer-behind-nat-router
  
-This technique is used to access an SSH host behind a NAT firewall.+This technique is used to access an SSH host behind a NAT firewall using a middle-man PC with a static IP address. 
 + 
 +  * Box behind NAT creates a reverse tunnel connection to the middle-man 
 +  * User connects to middleman PC on reverse tunnel port 
 + 
 +==== Howto ==== 
 + 
 +On the middle-man host with a real static IP address: 
 + 
 +  * Set "GatewayPorts yes" in /etc/ssh/sshd_config 
 +    * Restart sshd if sshd_config changed 
 +  * Configure to use [[computing:linux:ssh_keys|SSH keys]] rather than passwords 
 +    * Less trouble 
 +    * More secure 
 + 
 +On remote host (behind NAT) that you want to access: 
 + 
 +<file> 
 +ssh -R 22222:localhost:22 root@middleman 
 +</file> 
 + 
 +or if SSH is listening on a non-standard port: 
 + 
 +<file> 
 +ssh -R 22222:localhost:22 root@middleman -p 2222 
 +</file> 
 + 
 +From your workstation, connect through the middle-man PC: 
 + 
 +<file> 
 +ssh -p 22222 root@middleman 
 +</file> 
 + 
 +===== AutoSSH =====
  
 +http://www.howtoforge.com/reverse-ssh-tunneling#comment-4762
  
 +Use AutoSSH to keep a tunnel up constantly.
computing/linux/ssh.1331143012.txt.gz · Last modified: 2012/03/07 10:56 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki