Jun 10 2011

Today I present this excellent article by Domenico Raffaele, originally published on his blog (in Italian), where you can find many other interesting articles about hacks and VoIP.

I’ve already written about unusual uses of ssh. I want to return once again to this fascinating and almost unknown topic, and I promise it will not be the last time.

X11Forwarding

Since time immemorial (on the scale of computing eras), it has been common practice to launch remote applications (X clients) in a graphical environment while using them locally (X server).

Consider the need to scan the internal network to which the remote server2 belongs, a host that can be accessed via ssh.




The traditional way is the following:

serv1# xhost serv2

thus serv2 is added to the ACL of the allowed hosts.

serv1# ssh serv2

or telnet, rlogin and other antiquities.

serv2# export DISPLAY=serv1:0
serv2# zenmap &

In this way, however, all communications between the two machines are unencrypted. In addition, the X server must accept network connections (typically on TCP port 6000).

With ssh the same is possible through a so-called X11 tunnel. The only prerequisites are that the packages libx11-6 and xauth are installed on server2 and that, also on server2, the file /etc/ssh/sshd_config contains the directive “X11Forwarding=yes”.

serv1# export DISPLAY=:0
serv1# ssh -X serv2
serv2# zenmap &

In this way communication between the two hosts is encrypted, and the X server can also be run in a more restrictive manner, for example with the “-nolisten tcp” option, to protect it from unauthorized access.
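
A defender-side check of the two settings this section relies on, as an added example that is not part of the original article: it reads the global X11Forwarding value from an sshd_config-style file and lists X11 TCP listeners bound to non-loopback addresses in `ss -ltn` output. The function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed.

# Print the global X11Forwarding value from an sshd_config-style file.
# sshd keeps the first value it reads for a keyword, keywords are
# case-insensitive, and "Keyword value" and "Keyword=value" both parse.
# Directives inside Match blocks are ignored here; the default is "no".
x11_forwarding_value() {
    awk '
        /^[ \t]*#/ { next }                       # comment line
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            n = match(line, /[ \t=]+/)            # keyword/value separator
            if (n == 0) next
            key = tolower(substr(line, 1, n - 1))
            val = tolower(substr(line, n + RLENGTH))
            gsub(/[ \t"]/, "", val)
            if (key == "match") exit              # end of global section
            if (key == "x11forwarding") { print val; found = 1; exit }
        }
        END { if (!found) print "no" }
    ' "$1"
}

# Read `ss -ltn` output on stdin; print X11 TCP listeners (ports 6000-6063,
# displays :0 to :63) bound to a non-loopback address. Loopback listeners
# from 6010 upward are normally sshd's own forwarding proxies.
exposed_x11_listeners() {
    awk '
        $1 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)
            host = substr($4, 1, length($4) - length(port) - 1)
            if (port + 0 < 6000 || port + 0 > 6063) next
            if (host ~ /^127\./ || host == "[::1]") next
            print host ":" port
        }
    '
}

# Constructed sample input, not taken from a real host.
sample_cfg=$(mktemp)
printf '%s\n' '# sample' 'Port 22' 'x11forwarding=yes' 'X11Forwarding no' > "$sample_cfg"
sample_ss='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      4096   0.0.0.0:6000       0.0.0.0:*
LISTEN 0      128    127.0.0.1:6010     0.0.0.0:*'
echo "X11Forwarding: $(x11_forwarding_value "$sample_cfg")"
echo "Exposed: $(printf '%s\n' "$sample_ss" | exposed_x11_listeners)"
```

On a live host the same functions can be fed with /etc/ssh/sshd_config on server2 and with the output of `ss -ltn` on the machine running the X server.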

Remote execution and piping commands

When you invoke ssh with a command to run, and without the -t option, ssh redirects the stdin, stdout and stderr of that command to the shell from which it was invoked. This makes it easy to build pipelines with ssh as one of the components.

The following command displays the filesystems mounted on the remote system and their usage:

# ssh 188.9.1X.1XX df |awk '{print $5 "\t" $1}'
root@188.9.1X.1XX's password:
Usati	Filesystem
2%	/dev/sda1
0%	tmpfs
6%	udev
0%	tmpfs
