LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 01-05-2007, 03:57 PM   #1
crimsontide
Member
 
Registered: Aug 2003
Location: Omaha, Nebraska
Distribution: Red Hat, Fedora, Debian
Posts: 65

Rep: Reputation: 15
ssh configuration file


I am sure this has been asked before, but I don't know how to phrase it to search correctly.

I ssh to a server and issue do some port forwarding. Its a long command line string that I either need to type or copy and paste from history.

Can't I create a file, that contains this information and the just issue "ssh mysever" and have it look in that file for the specific port to forward and other parameters?

I even have an old example but don't know where to put it or the file name

host myserver
IdentityFile ~/.ssh/id_rsa_ssgi
User thisisme
LocalForward 5920 localhost:5920
LocalForward 5901 localhost:5901


Thanks.
 
Old 01-05-2007, 04:26 PM   #2
crimsontide
Member
 
Registered: Aug 2003
Location: Omaha, Nebraska
Distribution: Red Hat, Fedora, Debian
Posts: 65

Original Poster
Rep: Reputation: 15
Look like I need it in a ~/.ssh/config file.
 
Old 01-05-2007, 04:51 PM   #3
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
There are several ways to do this easily.
1. Create a script like this and name it say ssh_myserver. Put it in your /usr/bin so it can easliy be executed from the command line and can be found in the default users path.
Code:
#!/bin/bash
ssh -Y username@192.168.1.1 (Place your command here on this line).
Save and exit.
Then make it executable. chmod +x /usr/bin/ssh_myserver

2. To make the command an alias and place it in your home ~/.bash_profile
Examples: edit your .bash_profile and add a line like this.
alias ssh_myserver="place command here using full path"
alias ssh_myserver="ssh -Y username@192.168.1.1"
Once saved the command to reread the bash_profile eludes me off the top of my head. Logout and then log back in will reread the bash_profile.

edit: The command to reread the .bash_profile is the source command.
source .bash_profile
edit:

Brian

Last edited by Brian1; 01-05-2007 at 04:58 PM.
 
Old 01-05-2007, 05:01 PM   #4
crimsontide
Member
 
Registered: Aug 2003
Location: Omaha, Nebraska
Distribution: Red Hat, Fedora, Debian
Posts: 65

Original Poster
Rep: Reputation: 15
Great. Thanks!
 
Old 01-05-2007, 07:00 PM   #5
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
I would not recommend using ssh -Y as your default way of invoking ssh. Do that only when you're connecting to a server that you want to export X applications from and you fully trust the administrator of the machine not to annoy you (say, by opening a million xclocks on your desktop).
 
Old 01-05-2007, 08:14 PM   #6
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
Never gave that I thought. So one from the remote machine can start opening xclocks on your local desktop. I am curious as to how this can be done. Not a person who fully uses the options in ssh but how does one send like xclocks over the connection to your display? I myself only connect ssh to my machines. No ssh accounts with others.

Brian
 
Old 01-05-2007, 08:32 PM   #7
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Quote:
Originally Posted by Brian1
Never gave that I thought. So one from the remote machine can start opening xclocks on your local desktop. I am curious as to how this can be done. Not a person who fully uses the options in ssh but how does one send like xclocks over the connection to your display? I myself only connect ssh to my machines. No ssh accounts with others.

Brian
Anyone with root (or sudo) access on the machine that you're ssh'ing to could open export any X application to the desktop that you were ssh'ing from. The way X forwarding works is it allows the remote machine to open X applications using your local X server (the application starts on the remote machine, but displays on your local machine). The authentication cookie to allow this is on the remote machine, so someone with root can use the cookie, or simply su to your account.
 
Old 01-05-2007, 09:36 PM   #8
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
Beginning to see what can happen. Did some googleing and found bits and pieces. Mentioning the cookie helped in the search. But I haven't found a site that describes the technic. Would you know of a site that describes this.

Thanks for the learning experience.
Brian
 
Old 01-06-2007, 02:16 PM   #9
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
Spent some time today and experimenting on two of my linux boxes. I was able to do exactly what you described and very simply. I see the security issue with usage of -Y and for that matter -X but not quite as serious but just as bad. One thing I need to figure out what command to show ssh connections from remote machines to the server on the server. And if all possible to see who it is logged in. I am sure that info is in the logs. So one would have to make sure those logs would be secure from users.

Thanks again for learning something new in linux.
Brian
 
Old 01-07-2007, 04:04 AM   #10
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Code:
ps ax |egrep 'sshd:.*@' |grep -v grep
Should show you all the sshd processes associated with users on virtual terminals, as well as telling you which user and which virtual terminal.

Since ps can see it, trying to hide that information is going to be somewhat difficult...

Last edited by chort; 01-07-2007 at 04:07 AM.
 
Old 01-07-2007, 12:29 PM   #11
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
That is true. Thanks agian for the info. Will make a note of the command with those options. Haven't used egrep before. Something new to learn.

Brian
 
Old 01-07-2007, 03:25 PM   #12
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Quote:
Originally Posted by Brian1
That is true. Thanks agian for the info. Will make a note of the command with those options. Haven't used egrep before. Something new to learn.

Brian
It's just a shorter way of writing grep -e.
 
  


Reply

Tags
netwoking, ssh


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH Configuration wildcat22 Linux - Networking 1 09-27-2005 09:47 AM
Slackware 10.1 + SSH Configuration Robert154 Linux - Networking 4 08-26-2005 11:01 PM
SSH Configuration xedios Linux - Software 2 10-25-2004 04:02 PM
SSH configuration help dt23 Mandriva 16 04-07-2004 04:29 PM
SSH configuration...someone please help leroy27336 Linux - Networking 28 11-16-2003 02:27 AM


All times are GMT -5. The time now is 05:30 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration