If we have a following situation:
[laptop] ---- [host1] ---- [host2] ----[target]
where host1 is reachable from the my laptop machine, host2 from host1 and the target from host2 only. We have ssh credentials to both host1 and host2.
We can use the dynamic port forwarding with the following command:
ssh -N -D 127.0.0.1:8282 host1_account#host1
and that will basically create a SOCKS4 that we can use with proxychains so that command will work from the kali device:
proxychains ssh host2_account#host2
How we can make a similar (additional?) dynamic tunnel from host2 to target?
Make sure you're on OpenSSH 7.3 or later, and use SSH's ProxyJump feature: ssh -J host1_account#host1 -D 127.0.0.1:8282 host2_account#host2. That will give you an SSH session on host2, and 127.0.0.1:8282 will proxy traffic out through host2.
Related
I am currently using the following cmd to login to a ec2 instance using a jumphost -
ssh -J jumphost:2222 some_ip
I have installed csshX as I need to login to multiple instances simultaneously. I am not sure how to specify a jumphost in csshX.
Regards,
Aditya
You can use an ssh config, the default location being ~/.ssh/config which has a similar configuration, and ssh client honours it.
Host 192.168.*.*
ProxyCommand ssh jumphost -W %h:%p
and when you do csshX 192.168.0.10, it will go through the jumphost. (Tested and working from a mac.)
I am trying to use dynamic port forwarding to ssh to various servers in my university from home.
I used local port forwarding successfully:
ssh -L 10001:server1:22 my_user#proxy_server
ssh -p 127.0.0.1:10001
but I am using 12 servers, and I'd like to create only one tunnel (dynamic).
Is it possible to configure ssh to use a SOCKS proxy?
You can add the '-L' option several times to have more then one forwarding through one ssh connection.
Like
ssh -L 10001:server_1:22 -L10002:server_2:22 -L ... my_user#proxy_server
I have written a ssh config file that specifies a typical jump server setting:
Host host1
HostName 11.11.11.11
User useroo
IdentityFile some/key/file
Host host2
HostName 192.11.11.10
User useroo
IdentityFile some/other/key
ProxyCommand ssh -W %h:%p host1
I can successfully connect with ssh host2 when I save this as ~/.ssh/config. However if I save the config somewhere else as xy_conf, calling ssh -F xy_conf host2 results in an error saying
ssh: Could not resolve hostname host1: Name or service not known
ssh_exchange_identification: Connection closed by remote host
Is this the expected behavior? How else can I set this config temporarily? I don't want to set it as ~/.ssh/config.
OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8, OpenSSL 1.0.1f 6 Jan 2014
Using different location for ssh_config affects only the first call of ssh, but not the second (from ProxyCommand). You need to pass the same argument to the secondssh` too:
ProxyCommand ssh -F xy_conf -W %h:%p host1
I have database server on AWS and from my PC i have to access that database using ssh tunneling for below scenario.
PC --> Jump1 [x.pem, port:22] --> Jump2 [y.pem, port:443] --> mysqldb:3306
For this kind of scenarios, Config File is the best way to do it.
Run
$ touch ~/.ssh/config
Add host entries in a config file.
Host <Host_Name>
HostName <URL/IP of Jump2>
User <>
Port <>
Identityfile <yyy.pem>
StrictHostKeyChecking no
ProxyCommand ssh -i <xxx.pem> <user>#<IP/DNS of Jump1> nc %h %p 2> /dev/null
and then to create a tunnel
$ ssh <local_port>:DB_URL:<DB PORT> <Host_name>
that's it.
Now you can connect to DB using
localhost:<local_port>
If you already have your public keys in authorized_keys on respective hosts
then you can use -J directive.
like this:
ssh -J user1#host1 user2#host2
If you have more than one jump host you can concatenate it inside of -J directive like this:
ssh -J user1#host1,user2#host2,user(n-1)#host(n-1) userN#hostN
I also using port forwarding so it takes your port data all the way to the last site and then connect to specific site like this:
ssh -L 8080:microsoft.com:80 -J user1#host1 user2#host2
It will create unencrypted connection only from host2 to microsoft.com:80
I can now forward one port 8080 to the remote port 80 by ssh -L 8080:localhost:80 user#host.com, Is it possible to do multiple port forwarding with one ssh connection?
Yes, use -L option for each port to be forwarded.
Example:
ssh -L 8080:localhost:80 -L 7070:localhost:70 user#host.com
That is called dynamic port forwarding and if both the SSH server and SSH client support this, you configure your clients to use the SSH client as a SOCKS proxy and the SSH does the rest. In this case one "SSH connection" (in fact SSH connection carries multiple independent channels "inside") is used to connect to multiple destinations.