lfce/ssh.txt at master · ghumman/lfce · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
Client 1:
	a)
	ssh-keygen -t rsa
	ssh-copy-id 192.168.33.20
	ssh 192.168.33.20
	This will require passphrase every time logging in
	b)
	ssh-keygen -t rsa
	ssh-agent /bin/bash
	ssh-add
	ssh 192.168.33.20
	Won't require passphrase everytime

Port Forwarding
	ssh -fNL 4444:rhatcert.com:80 root@192.168.33.20
	(Testing) w3m http://localhost:4444

	Install apache server on 192.168.33.20
	ssh -fNL 5555:localhost:80 root@192.168.33.20
	(or )ssh -fNL 5555:192.168.33.20:80 root@192.168.33.20
	(another way to do it is following)
	ssh -f root@192.168.33.20 -L 5555:192.168.33.20:80 -N
	(Testing) w3m http://localhost:5555

	ssh to client2 using a different port
	ssh -fNL 6666:localhost:22 root@192.168.33.20
	(Testing) ssh -p 6666 localhost

VNC Server
	Install
	sudo apt-get install tightvncserver xtightvncviewer

	Start
	vncserver

	View
	vncviewer localhost:1

	View over/via ssh
	vncview -via vagrant@client3 client3:1

	Kill
	vncserver -kill :1

	To create vnc service at boot-up with systemd
	sudo vim /etc/systemd/system/vncserver@.service
	[Unit]
	Description=Remote desktop service (VNC) on port :%I
	After=syslog.target network.target
	[Service]
	Type=forking
	User=student
	ExecStartPre=-/usr/bin/vncserver -kill :%i
	ExecStart=/usr/bin/vncserver :%i -localhost
	PIDFile=/home/lee/.vnc/%H:%i.pid
	ExecStop=-/usr/bin/vncserver -kill :%i
	[Install]
	WantedBy=multi-user.target

	(PIDFile need to be created manually)

SSH using alias
	sudo vim ~/.ssh/config
	host friend
		hostname client1
		user vagrant

#Stop a client to connect using TCP Wrappers
sudo vim /etc/hosts.deny
sshd: 192.168.33.40
#Also if you want log this information, use following
sshd: 192.168.33.40 \ : spawn /bin/echo $(/bin/date) %a access denied >> /var/log/sshd \ :deny