Uncommon Uses for SSH

2006-05-01


Introduction

There is no doubt that SSH has become the standard for remote shell internet connectivity. It has replaced common unencrypted programs such as telnet and rlogin. However, there are several very useful but little-known functions of SSH that remain unused by the general public. This article describes my experiences with SSH and the tools that I've found invaluable.

SCP

SCP is probably the most used application on my computer. It is a secure method for copying files from one machine to another using the SSH daemon. SCP has a clear advantage over FTP and RCP because of its encryption capabilities. The syntax for SCP is similar to the UNIX cp command:

scp user@host1:/file user@host2:/destination

The man page for scp lists all the available options, but the one I use most often is the '-r' (recursive) option to copy entire directories.

SSH Tunneling

SSH Tunneling is one of those rare functions that no one knows about or knows how to use. It took me quite a while to figure it out myself, but I've been able to use it successfully to bypass firewall rules and proxy servers where I had no administrator privileges. An example of when I used SSH Tunneling is when I wanted to open a VNC connection to my home computer from my work computer through 2 firewalls. This situation was especially complicated because I needed to use a middle computer (able to accept SSH connections) which was accessible from both my home and work machines.

From Home:
ssh -v -g -R 8300:localhost:5900 ed@middleman.host

From Work:
ssh -v -L 5900:middleman.host:8400 ed@middleman.host

On the Middleman Computer:
ssh -v -L 8400:localhost:8300 ed@localhost

Ports 8300 and 8400 are arbitrary choices, but 5900 is the default port for VNC. On my VNC client I am then able to connect to localhost:5900 and, through the tunnel, reach my home computer.

SSH-Keygen

When you use SSH/SCP often enough, having to enter a password every time becomes a hassle. SSH-Keygen creates a public and private key pair that lets machines holding the keys access each other without needing to enter a password every time.

On the client machine, run:
ssh-keygen -t dsa

Do not enter a passphrase; two files will be generated, id_dsa and id_dsa.pub. Copy your id_dsa.pub key to the .ssh directory on your server machine, then run 'cat id_dsa.pub >> authorized_keys' there. Voilà, no more passwords needed.
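
The server-side half of the steps above as a shell function, an added example that is not part of the original article: it appends the key only once, refuses a private key file copied by mistake, and sets the directory and file modes explicitly. The function name install_pubkey and its two arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the article): install a public key on the server.
# Usage: install_pubkey PUBKEY_FILE SSH_DIR
#   PUBKEY_FILE  the copied id_dsa.pub
#   SSH_DIR      the account's .ssh directory (path supplied by the caller)
install_pubkey() {
    pub=$1
    dir=$2
    auth=$dir/authorized_keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # id_dsa (the private half) must never be copied to the server.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub is a private key; refusing" >&2
        return 2
    fi

    # A .pub file holds exactly one line: "<type> <base64> [comment]".
    [ "$(grep -c . "$pub")" -eq 1 ] || { echo "expected one key line" >&2; return 3; }
    key=$(grep . "$pub")
    case $key in
        ssh-*\ *|ecdsa-*\ *) ;;
        *) echo "not an OpenSSH public key line" >&2; return 3 ;;
    esac

    # With StrictModes (sshd default) keys are ignored if these are
    # writable by group or others, so set the modes explicitly.
    mkdir -p "$dir" || return 1
    chmod 700 "$dir"
    touch "$auth"
    chmod 600 "$auth"

    # A plain 'cat >>' glues the key onto an unterminated last line.
    [ -z "$(tail -c 1 "$auth")" ] || echo >> "$auth"

    # Append only if this exact line is not already present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}
```

Run it on the server as the account that owns the .ssh directory, for example: install_pubkey id_dsa.pub "$HOME/.ssh".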