Does the ssh protocol send the remote name to the remote machine? - ssh

If I ssh into host3.example.com 192.168.1.1, where host2.example.com also resolves to 192.168.1.1, is there any way for the remote machine to tell which hostname was used for the connection?
i.e. Does the ssh protocol send the remote name to the remote machine, like SNI in HTTPS?
(I am running an ssh server from within an application, so I am free to modify the ssh server to provide this information, if ssh clients provide it.)

As far as I know, there is no protocol extension like SNI for SSH. The DNS name (of the server) is not passed to the server by the client. See also this discussion.

Related

SSH protocol determine hostname used by client

I am attempting to create an SSH server (using Paramiko, but that's mostly irrelevant here). I am wondering if there is any way to determine the hostname that the SSH client requested. For example, if I were to connect with
ssh user#example.com
but I also had a CNAME record that pointed to the same server so I could also connect with
ssh user#foo.com
then I would like the server to know in the first case the user requested example.com and in the second, foo.com.
I have been reading through SSH protocol documents like:
https://www.rfc-editor.org/rfc/rfc4253
https://www.rfc-editor.org/rfc/rfc4252
But cannot find out if there is a way to do this.
In general, the ssh protocol does not support this. It's possible that a given ssh client may send an environment variable that gives you a hint, but that would happen after key exchange and user authentication, which would be far later than you'd want the information. It happens that if you were using Kerberos authentication via one of the ssh GSS-API mechanisms described in RFC 4462, you would get the hostname the user requested as part of the GSS exchange. That almost certainly doesn't help you, but it happens to be the only case I'm aware of where this information is sent.
For ssh virtual hosting you're going to need to dedicate an IP address or port for each virtual host. Take a look at port sharing or IPv6 as possibilities for your application.

access remote server with provided credential

I need to access a remote server, I got the IP address, hostname and password from the server provider.
With those information, can I make a SSH connection to the remote server? If So, how to config .ssh/config file? (I am using a MacBook)
If I am not able to access the server through SSH with those information, how am I supposed to access the server with those information from server provider?
No. It is not enough. You need also the remote username to access the server. Otherwise you should be good with
Host alias
Hostname IP # or given hostname -- should not matter)
User remote-username
and then you should be able to connect using ssh alias and get prompted for a password.
The way to access via ssh depends how the server is configured. If the connection is with a password, you would need a user also.
You have instructions here:
https://www.siteground.com/kb/how_to_log_in_to_an_account_via_ssh_in_mac_os/
Port is not needed usually, but just in case the ssh port by default is 22
Good luck!

What's the best way to reverse ssh tunnel to access system behind corp firewall?

I am trying to access a linux server through ssh. Typically this is accessed through a Win2012 jump server using putty.
I was able to setup a reverse ssh connection in putty from jump server to a AWS VM through HTTP proxy. And this was supposed to forward it to my linux server. But when I connect to my AWS VM and initiate ssh over my remote port, the whole thing just hangs. What am I doing wrong, and is there a better/easier way? No malicious intent, I have physical access to both jump server and linux server. Just bypassing shitty corp firewall.
Can you explain what you did in details ?
Typically on unix systems, for a reverse ssh tunnel, you can do this on your server behind the firewall:
ssh -NR ssh_port_AWS:localhost:ssh_port_local_server user#ip_AWS
You need to replace
ssh_port_AWS by the port of the distant server that you want to use to access the local server.
ssh_port_local_server by the port of the ssh server of your local server (if you don't change anything, 22).
user#ip_AWS by your AWS connection details (user#IP)

Setting up a CNAME / Nickname for a remote server

Let's say I have a digital ocean droplet - 68.456.72.184
When ssh-ing into my remote server, I'd rather not have to type out the whole ssh command -
ssh 68.456.72.184
The host's name is Stormtrooper - how do I make it so that client machines can ssh into the server via
ssh Stormtrooper
I imagine this requires some sort of configuration on the local client machine that's connecting? In what order does does a client machine search for host names? I imagine there's some local setting where it looks for "Stormtrooper"'s IP address, and if not found it it looks in the local network, and then looks in the "global" network (i.e. public DNS).
I'm not quite sure how that lookup process works, so an explanation there would be great as well.
You can create local ssh_config in ~/.ssh/config with a content:
Host Stormtrooper
Hostname 68.456.72.184
And then you can ssh to that server using ssh Stormtrooper (even tab completion will work for you).
Connecting using FQDN will work too if you have correctly set up DNS. If you have a domain Stormtrooper.tld pointing to this IP, you are able to ssh using
ssh Stormtrooper.tld
For local network resolving, you would need local DNS, which would do this translation for you.

SSH to server behind firewall

I am currently trying to work out how to SSH to servers behind firewalls that deny all incoming connections. The servers can SSH out, so I am wondering if there is a way to get the server behind the firewall to create an SSH tunnel to my workstation, then allow my workstation to send commands back to the server through it?
I have looked into tunneling / reverse tunneling, but these appear to be port forwarding solutions, which will not work as the firewall denies all connections on all ports.
Ideally, I would like to do this in Ruby (using the Net::SSH gem), such that instead of opening a new connection like:
Net::SSH.start('host', 'user', :password => "password")
I could somehow bind to an existing tunnel.
Thanks!
This is fairly simple if you have control over the server. I'll give the command-line version, and you can work that into any framework you like:
server$ ssh -R 9091:localhost:22 client.example.egg
client$ ssh -p 9091 localhost
The server establishes a connection to the client first which starts listening on the "R"emote end (i.e. the client) on port 9091 (something I just made up), and forwards those connections to localhost:22, i.e. to the ssh server on itself.
The client then just needs to connect to its own local port 9091, which is transparently forwarded to the server's ssh server.
This will usually wreak havoc to your public key checking (and adherent security!), because the client's ssh client doesn't know that localhost:9091 is the same as server:22. If your client is Putty, then you have an option to provide the "real" server name somewhere so that the credentials can be looked up properly.
Unless you can create (and maintain) a tunnel out from the host you're trying to connect to first (which would allow you then to connect through that tunnel), no you can't. That's the point of a firewall: prevent unauthorised access to a network.
However the firewall shouldn't block a tunnel, although it depends exactly how the tunnel's managed. A port-forwarding tunnel set up using ssh's tunneling features would subvert the firewall. However it may also get you in trouble with the administrator of the remote network.
So ultimately, you'd need to speak to the network administrator to get the firewall rules relaxed in order to do it without needing to tunnel, or at least get authorisation to have a tunnel.