SSH

Open plh97 opened this issue 6 years ago • 0 comments

Preface

All of the remote SSH usage below needs the following setting on the server to work properly:

# in the file /etc/ssh/sshd_config
GatewayPorts yes

# restart sshd
/sbin/service sshd restart
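With `GatewayPorts yes`, sshd binds ports requested with `ssh -R` on every interface instead of loopback only, so it is worth checking what a server's config actually resolves to. The script below is an added example, not part of the original post; the function names and the sample config are constructed for illustration, and it assumes no Include files or Match overrides.

```shell
#!/bin/sh
# Added example, not from the original post. Reads the global section of an
# sshd_config and reports whether ports opened with "ssh -R" can be exposed.
# Assumptions: Include files and Match blocks are not followed.

# effective_global FILE KEYWORD DEFAULT: sshd keeps the FIRST value it reads
# for a keyword, and keywords are case-insensitive.
effective_global() {
    awk -v want="$2" -v def="$3" '
        /^[ \t]*#/ { next }                  # comment line
        { gsub(/=/, " ") }                   # "Keyword=value" is accepted too
        tolower($1) == "match" { exit }      # conditional section starts here
        tolower($1) == tolower(want) && NF >= 2 {
            print tolower($2); found = 1; exit
        }
        END { if (!found) print def }
    ' "$1"
}

# audit_forwarding FILE: returns 0 = loopback only or remote forwarding off,
# 1 = exposed on all interfaces, 2 = client picks the bind address.
audit_forwarding() {
    gw=$(effective_global "$1" GatewayPorts no)           # sshd default: no
    fwd=$(effective_global "$1" AllowTcpForwarding yes)   # sshd default: yes
    echo "GatewayPorts=$gw AllowTcpForwarding=$fwd"
    case "$fwd" in
        no|local) echo "OK: remote forwarding is disabled"; return 0 ;;
    esac
    case "$gw" in
        yes) echo "EXPOSED: -R ports listen on every interface"; return 1 ;;
        clientspecified) echo "REVIEW: client chooses the bind address"; return 2 ;;
        *) echo "OK: -R ports bind to loopback only"; return 0 ;;
    esac
}

# Constructed sample: the setting from this post, then a later line that sshd
# ignores because the first value wins.
demo() {
    tmp=$(mktemp)
    printf '%s\n' '# constructed sample' 'gatewayports yes' 'GatewayPorts no' > "$tmp"
    rc=0; audit_forwarding "$tmp" || rc=$?
    rm -f "$tmp"
    return "$rc"
}

demo || echo "exit status $?"
```

On a live server, `sshd -T` prints the effective configuration, including anything pulled in through Include.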

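Logging in to a server over SSH

Password login

ssh <username>@<ip>

Normally you have to enter a password here, but I have already set up passwordless login.

Key login

First generate a key in the local .ssh directory; keep pressing Enter and it is generated automatically.

cd ~/.ssh      # go to the .ssh directory
ssh-keygen -t rsa    # generate the key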

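Upload your key to the Alibaba Cloud server

scp id_rsa.pub [email protected]:~/.ssh/id_rsa.pub    # upload to ~/.ssh/id_rsa.pub on the vpn

Log in to the vpn and put the uploaded key into authorized_keys

cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys    # append the uploaded public key
logout # log out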

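SSH local port forwarding

Start a Node.js server on port 5500 with one click.

Open the URL http://localhost:8889/

It cannot be reached. Run the following command:

ssh -gL 8889:127.0.0.1:5500 localhost

Refresh the page again and it works.

As the name suggests, local port forwarding forwards all HTTP requests arriving on port 8889 to port 5500. Shut down the service on port 5500, refresh the page on port 8889 again, and it can no longer be reached.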

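Dynamic forwarding

Anyone who has used Shadowsocks will know this one.

ssh -D 1088 [email protected]    # dynamic forwarding on local port 1088, logging in over port 22; surprisingly, traffic can now go through the proxy
ssh -D 8987 [email protected]   # dynamic forwarding opened on the vpn surprisingly does not work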

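Implementing NAT traversal

It took me several days, spread over a span of a few months, but in the end a single command gives me NAT traversal for my local machine. Do not underestimate this example; it really is quite useful. I have read a lot of books, I would not lie to you :-)

ssh -fNR 8888:localhost:80 [email protected]

The remote server forwards all requests on 8085 to the login port 22. Could logging in on 8085 eventually replace 22, and thereby get around the firewall?

How do I restart it automatically when the connection drops for no apparent reason?

SSH options and their main uses

  • -f: run in the background
  • -C: allow data compression
  • -N: do not execute any command
  • -R: bind the port on the remote server (reverse proxy)
  • -L: bind the port on the local client (forward proxy)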

Full list of SSH options

  • [-b bind_address]
  • [-c cipher_spec]
  • [-D [bind_address:]port]
  • [-E log_file]
  • [-e escape_char]
  • [-F configfile]
  • [-I pkcs11]
  • [-i identity_file]
  • [-J [user@]host[:port]]
  • [-L address]
  • [-l login_name]
  • [-m mac_spec]
  • [-O ctl_cmd]
  • [-o option]
  • [-p port]
  • [-Q query_option]
  • [-R address]
  • [-S ctl_path]
  • [-W host:port]
  • [-w local_tun[:remote_tun]]

nmap, the scanning powerhouse

nmap 192.168.0.0-255      # scan the whole LAN segment

Starting Nmap 7.70 ( https://nmap.org ) at 2018-12-22 23:16 CST
Nmap scan report for 192.168.0.1                    // the router's ports
Host is up (0.0093s latency).
Not shown: 998 closed ports
PORT     STATE SERVICE
80/tcp   open  http
1900/tcp open  upnp

Nmap scan report for 192.168.0.100                 // unknown ports
Host is up (0.0100s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
80/tcp   open  http
8000/tcp open  http-alt

Nmap scan report for 192.168.0.101             // ports of my phone after it joined the wifi
Host is up (0.0095s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
3000/tcp open  ppp
3001/tcp open  nessus
5555/tcp open  freeciv

Nmap scan report for 192.168.0.102             // ports of my Mac once it is connected
Host is up (0.00030s latency).
Not shown: 979 closed ports
PORT      STATE    SERVICE
22/tcp    open     ssh
80/tcp    open     http
88/tcp    open     kerberos-sec
99/tcp    filtered metagram
366/tcp   filtered odmr
543/tcp   filtered klogin
1031/tcp  filtered iad2
1062/tcp  filtered veracity
1105/tcp  filtered ftranhc
1199/tcp  filtered dmidi
2251/tcp  filtered dif-port
3283/tcp  open     netassistant
3306/tcp  open     mysql
3920/tcp  filtered exasoftport1
4002/tcp  filtered mlchat-proxy
5900/tcp  open     vnc
8083/tcp  filtered us-srv
9110/tcp  filtered unknown
44176/tcp filtered unknown
49152/tcp filtered unknown
52848/tcp filtered unknown

Nmap scan report for 192.168.0.156         // unknown ports
Host is up (0.0067s latency).
Not shown: 998 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
8000/tcp open  http-alt

Nmap scan report for 192.168.0.165       // unknown ports
Host is up (0.011s latency).
Not shown: 999 closed ports
PORT     STATE SERVICE
7800/tcp open  asr

Nmap done: 256 IP addresses (6 hosts up) scanned in 33.40 seconds

Done in thirty-odd seconds.


plh97, Aug 18 '18 07:08