[ale] Using ~/.ssh/config Better?
JD
jdp at algoloma.com
Fri Apr 22 14:23:40 EDT 2011
That first reference is EXTREMELY good with lots of non-trivial
examples. Thanks.
I am sorta shocked that you use port 22, however. I'm running Fail2Ban,
but don't want to see any logs that aren't important so listening on a
non-default port nearly eliminates those bogus attempts.
Is there a reason to ssh listen on port22 besides habit?
Perhaps your firewall allows outbound connections on that port?
Where I've worked, I always had to move my ssh listener to port 443 to
get outside at all. Anything that didn't go through their webproxy was
blocked on internal desktop subnets.
On 04/22/2011 09:25 AM, James Sumners wrote:
> The only thing that came to mind immediately is tunnels. So I did a
> quick search to see how one would configure a tunnel in their config
> file. I came upon [1] which details it exactly. [1] also looks to have
> some more answers for your question. Anway, here's how to setup a
> tunnel in your config:
>
> ==============
> Host myTunnel
> # The tunneling host
> Host ssh.example.com
> Port 22
>
> # Forward your local port to some remote port over the tunnel
> LocalForward localhost:4443 supersecret.com:443
> ==============
>
> Then you open https://localhost:4443/ in a web browser on your local
> machine and get the page at supersecret.com over your SSH tunnel.
>
> [1] -- http://magazine.redhat.com/2007/11/27/advanced-ssh-configuration-and-tunneling-we-dont-need-no-stinking-vpn-software/
> [1] -- http://tinyurl.com/c7lejq
>
> On Fri, Apr 22, 2011 at 9:13 AM, JD <jdp at algoloma.com> wrote:
>> Besides using key-based authentication with this
>> file, are there other uses or tricks that I could be using with this
>> file to further simplify ssh, sftp, scp, rsync, rdiff-backup and other
>> ssh-based connections?
>
>
>
--
JD Pflugrath
Value | Results
Direct: 678.685.8882
Ofc: (866) 963-2546
Managing Director
Algoloma Systems, LLC
More information about the Ale
mailing list