Difference between revisions of "SSH"
Jump to navigation
Jump to search
(2 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
Tunnel postgres from local machine to server (most common) | Tunnel postgres from local machine to server (most common) | ||
``` | ``` | ||
+ | ssh -p 22 -L 443:10.x.x.99:443 foo@example.com | ||
+ | |||
+ | curl -kL https://127.0.0.1 | ||
+ | |||
ssh -L 1111:localhost:5432 user@remote.example.com | ssh -L 1111:localhost:5432 user@remote.example.com | ||
Line 30: | Line 34: | ||
fusermount -u mnt | fusermount -u mnt | ||
``` | ``` | ||
+ | |||
+ | [[ SFTP ]] | ||
+ | # SFTP | ||
+ | - Logging commands https://access.redhat.com/articles/1374633 | ||
+ | - Use Auditd for even more information | ||
+ | - https://unix.stackexchange.com/questions/147676/chrooted-sftp-user-write-permissions | ||
# Securing sshd | # Securing sshd | ||
- https://raymii.org/s/tutorials/Limit_access_to_openssh_features_with_the_Match_keyword.html | - https://raymii.org/s/tutorials/Limit_access_to_openssh_features_with_the_Match_keyword.html | ||
+ | |||
# Bandwidth | # Bandwidth | ||
- https://serverfault.com/questions/394334/is-there-any-way-to-track-ssh-traffic-bandwidth-usage-per-user-basis | - https://serverfault.com/questions/394334/is-there-any-way-to-track-ssh-traffic-bandwidth-usage-per-user-basis |
Latest revision as of 22:04, 14 March 2023
Tunneling Protocols
Tunnel postgres from local machine to server (most common)
ssh -p 22 -L 443:10.x.x.99:443 foo@example.com curl -kL https://127.0.0.1 ssh -L 1111:localhost:5432 user@remote.example.com psql -h localhost -p 1111 -U your-db-username database-name
-g option allows remote hosts to connect to local forwarded ports
https://stackoverflow.com/questions/16835761/postgresql-via-ssh-tunnel
Tunneling is nice when using tools like https://www.sqlmanager.net/en/products/postgresql/manager or https://www.dbvis.com/ which are convenient for complex datastores.
Remote Forwarding Tunnel is another option to look at but if you have ssh access/perms to server the above is usually what you will do
Cheat Sheet
http://www.cheat-sheets.org/saved-copy/OpenSSH_quickref.pdf
ssh server - https://www.thegeekdiary.com/centos-rhel-how-to-set-up-sftp-to-chroot-jail-only-for-specific-group/
sshfs
sshfs mytest@127.0.0.1: /home/mytest/mnt -o follow_symlinks fusermount -u mnt
SFTP
- Logging commands https://access.redhat.com/articles/1374633
- Use Auditd for even more information
- https://unix.stackexchange.com/questions/147676/chrooted-sftp-user-write-permissions