Reverse SSH in Slackware
I'm trying to set up a reverse ssh in Slackware, to get a shell login on an Android phone which is connected to my wifi LAN.
Running this command on the phone seems to work:
Code:
ssh -R 19999:localhost:22 myuser@192.168.0.15
Code:
$ netstat -an | grep 19999
Code:
$ ssh localhost -p 19999 -v
Code:
RSAAuthentication no |
Interesting, what is reverse SSH?
|
Is the phone's ssh the full OpenSSH implementation? I remember Android phones typically implement dropbear SSH only, if it is even installed.
|
Stupid question: is sshd even running on the phone?
Code:
netstat -an | grep 22 |
Quote:
To take the phone out of the equation and thereby remove any doubt about its SSH implementation, I tried this between my laptop [running slackware64-14.0] and my desktop [running slackware-13.37] with the exact same result. This tells me that there must be an incorrect setting on the machine which is running sshd. Aside from the changes mentioned in my prior post, I'm using the default slackware sshd_config. The error message hints toward a PKI problem. I've tried copying keys between machines, but it doesn't make any difference, except that you don't have to enter a password to log in at step 1. How do I get a reverse ssh session working in Slackware? |
From the ssh man page:
Code:
Port forwardings can also be specified in the configuration file. |
Quote:
Originating the reverse SSH connection will require root privileges as you are forwarding a privileged port.
Code:
ssh -p <Remote_Connection_Port> -R <Remote_Login_Port>:localhost:22 -i <IDfile> <username_at_server>@<server>
<Remote_Connection_Port> is the port to connect to sshd on the server (default is 22). You need to add a 'Port xxx' to /etc/ssh/sshd_config on the server if you use a port other than 22.
<Remote_Login_Port> is the port that will be used to connect back.
<IDfile> is the private key for the user on the originating machine.
To connect:
Code:
ssh -p <Remote_Login_Port> <username_at_originating_machine>@localhost
The public key for the originating machine needs to be in ~/.ssh/known_hosts on the server. (This is found in /etc/ssh/ssh_host_rsa_key.pub on the originating machine if using RSA protocol.)
The public key for the connecting user needs to be in ~/.ssh/authorized_keys on the originating machine.
The public key for the connecting machine needs to be in ~/.ssh/known_hosts on the originating machine. (This is found in /etc/ssh/ssh_host_rsa_key.pub on the server if using RSA protocol.)
PS - I heavily use my reverse SSH tunnel. Thanks for the refresher! It is years since I set this up. |
Quote:
I'll set up sshd to use an unprivileged port and see what happens. Is 2222 a good one to use? Once it is going, then I'll start messing with shared keys. Thanks for your help. I'll report back later. |
Quote:
The point of a reverse ssh tunnel is that you don't need to run sshd on the destination... or am I sorely mistaken on this point? |
With the command, a remote 0.0.0.0:19999 socket is opened that is forwarded to localhost:22 of the machine that initiated the SSH connection (your phone); you'd better answer my previous question, because reverse SSH is the wrong term.
|
probably you want this:
Code:
ssh -R 19999:192.168.0.15:22 myuser@192.168.0.15 |
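How OpenSSH reads the two `-R` specs posted in this thread, as an added example that is not part of any post. The function name `explain_remote_forward` is hypothetical, and the output assumes the server's sshd keeps the default `GatewayPorts no`.

```shell
#!/bin/sh
# Added illustration (not from the thread): explain an OpenSSH remote-forward
# spec of the form [bind_address:]port:host:hostport, as passed to "ssh -R".
# The listening socket is created on the SERVER (the machine you ssh into);
# host:hostport is connected to from the CLIENT (the machine running ssh -R).
# Bracketed IPv6 addresses and the port-only SOCKS form are not handled.
explain_remote_forward() {
    spec=$1
    old_ifs=$IFS; IFS=:
    set -f; set -- $spec; set +f      # split on ':' without globbing '*'
    IFS=$old_ifs
    case $# in
        3) bind=127.0.0.1; port=$1; host=$2; hostport=$3 ;;  # default: loopback only
        4) bind=${1:-*};   port=$2; host=$3; hostport=$4 ;;  # empty bind = all interfaces
        *) echo "error=unsupported-spec"; return 1 ;;
    esac
    for p in "$port" "$hostport"; do
        case $p in
            ''|*[!0-9]*) echo "error=non-numeric-port"; return 1 ;;
        esac
    done
    # Listening below 1024 on the server only works when logging in there as root.
    priv=no
    if [ "$port" -gt 0 ] && [ "$port" -lt 1024 ]; then priv=yes; fi
    # A non-loopback bind address is honoured only if sshd enables GatewayPorts.
    gw=no
    case $bind in
        127.0.0.1|localhost) ;;
        *) gw=yes ;;
    esac
    echo "listen=$bind:$port target=$host:$hostport privileged_listen=$priv gatewayports_needed=$gw"
}

# The two forwards discussed in the thread:
explain_remote_forward 19999:localhost:22
explain_remote_forward 19999:192.168.0.15:22
```

In the first spec `localhost` is the machine that ran `ssh -R`, so something must be listening on its port 22 for the tunnel to answer; in the second, the target is 192.168.0.15 as reached from that same machine.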
Quote:
And also "man ssh":
Quote:
|
Quote:
Update: the proper term seems to be "reverse ssh tunnel". Close enough. |