1. SSH tunnel-fuNoVAH! March 2011Vincent Batts (vbatts)

2. Disclaimer Linux and console -centric Usage Info: that is all this is, nothing more NoVAH! SSH tunnel-fu - vbatts2 3. Tidbit Info privileged ports are up to 1023 ports available are up to 65535 (sizeof an int) per interface ;)NoVAH! SSH tunnel-fu - vbatts 3 4. Forwards Garden hose grappling hook Types Local Remote Dynamic NoVAH! SSH tunnel-fu - vbatts 4 5. Forwards Garden hose grappling hook Types Local - what you would like to be locallyavailable, from a remote host Remote - what you would like to be remotelyavailable, from a remote host Dynamic application-level port forwarding NoVAH! SSH tunnel-fu - vbatts 5 6. Forwards Local ssh flag: -L [bind_address:]port:host:hostport ssh_config: LocalForward Remote ssh flag: -R [bind_address:]port:host:hostport ssh_config: RemoteForward Dynamic ssh flag: -D [bind_address:]port ssh_config: DynamicForward Currently SOCKS4 and SOCKS5 proxy allowed NoVAH! SSH tunnel-fu - vbatts 6 7. Forwards Local ssh flag: -L [bind_address:]port:host:hostport ssh_config: LocalForward Remote ssh flag: -R [bind_address:]port:host:hostport ssh_config: RemoteForward Dynamic ssh flag: -D [bind_address:]port ssh_config: DynamicForward Currently SOCKS4 and SOCKS5 proxy allowed NoVAH! SSH tunnel-fu - vbatts 7 8. Forwards Local ssh flag: -L [bind_address:]port:host:hostport ssh_config: LocalForward Remote ssh flag: -R [bind_address:]port:host:hostport ssh_config: RemoteForward Dynamic ssh flag: -D [bind_address:]port ssh_config: DynamicForward Currently SOCKS4 and SOCKS5 proxy allowed NoVAH! SSH tunnel-fu - vbatts 8 9. Multiple HopsThis logic allows for spindly implementationsdeez@nuts $> ssh -Nf -L 6001:next01.host:22 gateway.mysite.comdeez@nuts $> ssh -Nf -L 6002:next02.host:22 -p 6001 localhostdeez@nuts $> ssh -Nf -L 6003:next03.host:22 -p 6002 localhost... NoVAH! SSH tunnel-fu - vbatts 9 10. In Session~# List forwarded connections~C Open command line. Primarily for -L, -R or -D and also -KR[bind_address:]port NoVAH! SSH tunnel-fu - vbatts 10 11. To loopback or not? the [bind_address] can be very handy default bind_address is 127.0.0.1 (localhost) ADVISORY: dont forget about your firewall configuration ADVISORY: privileged ports require root allows a local system to serve local traffic to a remotedestinationdeez@lappy $> ssh -L0.0.0.0:3389:winderz.nuts.lan gateway.nuts.com NoVAH! SSH tunnel-fu - vbatts11 12. VIPs/multiple loopbacksmostly Linux only ;) and requires a bit of root Use Case Saved sessions, configured for a specific hostname and port ifconfig and /etc/hosts setupdeez@nuts #> ifconfig lo:0 127.0.0.2 netmask 255.255.254.0 teardowndeez@nuts #> ifconfig lo:0 downNoVAH! SSH tunnel-fu - vbatts12 13. VIPs/multiple loopbacks /etc/hosts 127.0.0.2 host1.nuts.lan 127.0.0.3 host2.nuts.lan Forwardsdeez@nuts $> sudo ssh -l vbatts-L127.0.0.2:80:host1.nuts.lan:80-L127.0.0.3:80:host2.nuts.lan:80gateway.nuts.com NoVAH! SSH tunnel-fu - vbatts 13 14. Configurations man page for ssh_config(5) ~/.ssh/config any file, then use the -f approach ExitOnForwardFailure is nice when you have a host setup, only needing to ensure forwards land properly Host and HostName convenient for saving a custom setup, in a profile for a host NoVAH! SSH tunnel-fu - vbatts14 15. Proxying Privoxydeez@lappy $> ssh -L8118:localhost:8118 myhome.dyndns.org DNS Leakage :( Frequent and common [insert tor here] The Onion Router and helpers like torsocks allow anonymized, encrypted and DNS leak- safe traffic for a host of applications https://www.torproject.org/ http://torsocks.googlecode.com/NoVAH! SSH tunnel-fu - vbatts 15 16. Links and such This talk http://slackware.com/~vbatts/things/20110314-NoVAH-ssh_tunnel_fu-vbatts.odp PuTTY http://www.chiark.greenend.org.uk/~sgtatham/putty/ Linux shell for windows http://www.cygwin.com/ RTFM http://www.linuxmanpages.com/ TOR https://www.torproject.org/ http://torsocks.googlecode.com/NoVAH! SSH tunnel-fu - vbatts16