Debian DokuWiki

User Tools

Site Tools

Trace:
ssh

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
ssh [2011/10/28 15:16] – [SSH Tunnels] k2patelssh [2021/06/08 20:07] (current) – [Tips & Tricks] k2patel
Line 44: Line 44:
 <code bash> <code bash>
 ssh -f -N -R 5445:localhost:5432 root@<machine> ssh -f -N -R 5445:localhost:5432 root@<machine>
 +</code>
 +
 +==== SSH Agent automation ====
 +
 +Undefine existing value and define new value in session.\\
 +This also keep the value same since nothing is changing.
 +
 +<code bash | .screenrc>
 +    unsetenv SSH_AUTH_SOCK
 +    setenv SSH_AUTH_SOCK $HOME/.screen/ssh-auth-sock.$USERNAME
 +</code>
 +    
 +Each call of screen command will overwrite the existing symlink.
 +
 +<code bash | .bashrc>
 +    _ssh_auth_save() {
 +            ln -sf "$SSH_AUTH_SOCK" "$HOME/.screen/ssh-auth-sock.$USERNAME"
 +    }
 +    alias screen='_ssh_auth_save ; screen'
 +</code>
 +
 +Now add key to your session with "ssh-add".\\
 +That should do it.
 +
 +
 +==== Tips & Tricks ====
 +
 +== Show fingerprint of key ==
 +<note important>You can use -v to print random ASCII Image</note>
 +
 +<code bash>
 +# Using -E can specify MD5 has which mostly require to compare
 +ssh-keygen -lf .ssh/OLD/id_rsa.pub.old
 +</code>
 +OR
 +<code bash>
 +ssh-keygen -l -F ip.k2patel.in
 +</code>
 +
 +It will print for all public key in single file if there is multiple key in it.\\
 +Also, it is usefull in identifying MITM Attack by comparing against your known host.\\
 +
 +== Print fingerprint on login ==
 +You can enabled printing of server key by setting following variable.\\
 +<note tip>you can setup on any of following file /etc/ssh/ssh_config OR .ssh/config</note>
 +<code bash>
 +VisualHostKey yes
 +</code>
 +
 +== Run Command from file Remotely ==
 +Place all your command in xyz file. And run as follows
 +<code bash>
 +ssh -l k2patel nice.k2patel.in "`cat xzy`"
 +</code>
 +
 +== Comment on public key ==
 +You can control comment on public key during generation using following command.
 +
 +<code bash>
 +ssh-keygen -t rsa -C "k2patel rsync to remote server xyz" -f .ssh/remote_xyz
 +</code>
 +
 +== Temporarily disable ssh key forwarding ==
 +This will disable key forwarding, while login with the key.
 +<code bash>
 +ssh yahoo.com -i .ssh/id_ed25519 -o IdentitiesOnly=yes -F /dev/null -l ketan
 </code> </code>
ssh.1319814994.txt.gz · Last modified: 2020/08/10 02:29 (external edit)