ssh

Technical Notes

These notes are my personal online notebook of useful commands and "how-to's". You are welcome to make use of them if you find them helpful. They obviously don't come with any warranty! Click on one of the category tags above for the notes in any category.

Creating a server share using sshfs

  • Modify /etc/fuse.conf to uncomment the line: user_allow_other
  • Add the user to the fuse group:
adduser $USER fuse
  • relogin to get access

Connecting interactively:

sshfs -o allow_other,umask=117,uid=1002,gid=1002 myname@sv:/home/common /home/myname/common
  • allow_other # not needed here unless others can connect through this mount
  • umask=117,uid=1002,gid=1002 # controls how the files appear to this computer. If no uid or gid then the process that invokes the command will own it

Connecting through fstab

  • Note that it is best to connect on demand in case the network is not up when fstab runs originally
  • Four steps are required:
  1. Add user to fuse group
    • See above
  2. Insert entry into fstab of client computer
myname@sv:/home/common  /home/myname/common fuse.sshfs users,_netdev,noauto,x-systemd.automount,reconnect,allow_other,workaround=rename,umask=117,uid=1002,gid=1002 0 0
  • noauto # does not immidiately mount
  • x-systemd.automount # manually connects on demand if using systemd (not upstart)
  • workaround=rename # gets rid of some problems
  • _netdev # don’t try if no network
  • default_permissions # lets kernel check permissions—seems to conflict with setting uid/gid
  • reconnect # reconnect to server
  • users # not documented anywhere, but needed to allow users other than root to activate
  • Need to reboot system to get mountpoints activated
  1. Mount shares on logon
    • Can place a mount script in ./kde/Autostart e.g.
#!/bin/bash
# must already be in /etc/fstab
mount ~/common
mount ~/personal
  1. Enable password-less logon
    • See here: /how-create-password-less-ssh-login
    • Don’t forget to make sure server home directory is as least as secure as 750

Creating an ssh tunnel for mysql


ssh -N -f -L 3307:localhost:3306 user@myxhost.com
ssh -L 3307:localhost:3306 user@myxhost.com

-f = go to background
-L = local port to remote port binding
-N = no remote command to be executed

test with either of the following:

mysql -P 3307 -u dbuser -h 127.0.0.1 -p
mysql -P 3307 -u dbuser --protocol=TCP -p

tunnel can be closed with ps -ef | grep ssh and then kill the pid

http://www.webmasterworld.com/forum40/1010.htm

http://support.suso.com/supki/SSH_Tutorial_for_Linux

for windows:

How to create a password-less ssh login

How to create a password-less ssh login

#log in to the client as the user
host=server.com
hostnick=server
luser=localusername
suser=serverusername
#
mkdir -p .ssh
ssh-keygen -t rsa -f .ssh/id_rsa #generate key
############# You will be prompted for a password, press enter for no pw
#
#create .ssh/config file:
echo "host $hostnick" >> .ssh/config
echo "    hostname $host" >> .ssh/config
echo "    us

browsing through an ssh proxy

Set up the proxy:

ssh -ND 8989 user@myproxysite.com

(will prompt for password and appear to hang)

use ctrl-C to break connection

Go to firefox preferences/advanced/connection-settings

  • Manual proxy
  • SOCKS host: localhost port: 8989
  • SOCKSv5

no proxy for: localhost, 127.0.0.1

Browse to site:www.itistimed.com to verify your location

  • To connect through a port other than 22, simply add -ND 8989 to the normal login, after the -p XXXX.

fuse filesystem with SSH

  • install fuse on Ubuntu:
apt-get install sshfs smbfs
yum install kernel-devel
yum install --enablerepo=rpmforge fuse dkms dkms-fuse
  • make a directory and mount a remote file system on it
mkdir /music
sshfs -o allow_other root@sv.isnew.org:/backups/music /music
  • to unmount system
fusermount -u /music
  • to mount a samba/windows share:
sudo smbmount //sv/comm

SSH/SCP without a password

Here are some links:

scp syntax


scp -P 1234 root@isnewer.org:/home/andrew/filename .

This is a useful link to putty configuration: http://dag.wieers.com/blog/improving-putty-settings-on-windows

Syndicate content