mikeage.net Logo

mikeage.net @ כ״ח אדר ב' תשע״ז

Posts Tagged ‘SSH’

PingTunnel Improvements: Win32 & Syslog

‍‍ט״ז טבת תשס״ט - Monday, January 12th, 2009

For anyone interested in clever networking hacks, I strongly advise checking out ptunnel. This software package allows you to tunnel any TCP (such as SSH) over a ICMP (i.e., ping). Since even the most restrictive firewalls (whether corporate, Wifi (don't steal...) or other) usually let ICMP traffic through, this little piece of code can let you access anything you want.

SSH Keys, the Easy Way

‍‍ז׳ מנחם אב תשס״ה - Friday, August 12th, 2005

Quick Overview

You should be familiar with the basics of public key authentication for ssh. Implementing it is actually pretty easy, and remarkably useful. However, connecting between OpenSSH servers (linux) and commercial SSH2 (not the SSH2 protocol, but the ssh2 program) servers (like the one on many older solaris machines) can be quirky. So we'll cover it here.

OpenSSH -> OpenSSH

Notation Note

In general, we will be connecting from local to remote. Replace those names with your machine (e.g., in this example, the local machine is breeze, and the remote machine is mikeage.net). Also note that this process will have to be done in two directions, so you can go from LOCAL->HOST and then back from HOST->LOCAL.

Setting it up

What we're doing How Where
1. Generate SSH Keys ssh-keygen -t dsa -f .ssh/id_dsa breeze
2. Copy Public Key to the Remote Machine scp .ssh/id_dsa.pub mikeage.net: breeze
3. Add Public Key to the list of keys cat id_dsa.pub >> .ssh/authorized_keys2 mikeage.net
4. Set up permissions chmod 640 .ssh/authorized_keys2 mikeage.net

You can now ssh from breeze to mikeage.net without a password. Make sure never to let anyone get your private key file (keep permissions at 600). Public keys can (and should) be publically available.

OpenSSH -> SSH2

From OpenSSH (breeze), to SSH2 (solaris.mikeage.net)

The assumption is that the above has already been done. Note that following the public key ideas, the public key from breeze will be on solaris.mikeage.net. Since, however, SSH2 cannot read an OpenSSH key, we have to do a few tiny little changes first.

What we're doing How Where
1. Convert SSH Public Key ssh-keygen -e, then tell it where the public key is breeze
2. Create the public key file on the SSH2 machine vi .ssh2/id_dsa.breeze, then paste it in. mikeage.net
3. Add Public Key to the list of keys echo "key id_dsa.breeze" >> .ssh2/authorization mikeage.net


SSH2 -> OpenSSH

From SSH2 (mikeage.net), to OpenSSH2 (breeze)

Now, we'll need to generate a new set of keys on the SSH2 machine, and send its public key to the openssh machine. Again, we'll need to do some converting of the public key, this time to OpenSSH form.

Note that I recently updated this section to make it a little clearer.

What we're doing How Where
1. Create SSH Keys ssh-keygen -t dsa mikeage.net
2. Tell SSH2 who it is (don't ask) echo "idkey id_dsa_1024_a" >> .ssh2/identification mikeage.net
3. Set permissions chmod 600 .ssh2/idkey id_dsa_1024_a.pub .ssh2/identification mikeage.net
4. Copy the public key to the OpenSSH machine scp .ssh/id_dsa_1024_a.pub breeze: mikeage.net
5. Convert the public key, and add it ssh-keygen -i -f id_dsa_1024_a.pub >> .ssh/authorized_keys2 breeze


SSH Keys Tip updated again

‍‍ט״ז אלול תשס״ד - Thursday, September 2nd, 2004

Another (tiny) update to the ssh keys page... nothing major, just a punctuation note. Thanks to Thomas P. for pointing that out!

BTW, as a page owner, feedback is already really nice to get... thanks to all who've written!

SSH Keys Tip updated

‍‍ג׳ מנחם אב תשס״ד - Wednesday, July 21st, 2004

A small update was made to the SSH Keys tips page. Thanks to Arthur Magill for pointing out some unclear wording.

Quick Map
Content +
Personal +
Archives +
Site Stuff +
RBS Weather +
Search +
Recent Images

Valid XHTML 1.1!
Printer Friendly Page

Last Modified: September 04, 2006 @ 02:11 CST

Memory(TRUE): 2097152/2097152
Memory(FALSE): 1802712/1812256