Good read for starting to intermediate ssh users is “SSH Essentials: Working with SSH Servers, Clients, and Keys | DigitalOcean” and pointers to more advanced reading material
Posted by jpluimers on 2020/06/08
For a really nice overview of most basic and intermediate usage of ssh, read [WayBack] SSH Essentials: Working with SSH Servers, Clients, and Keys | DigitalOcean.
It is large (printed to PDF it is 30+ pages in either A4 or Letter format) but well worth reading as it covers a lot in manageable bits.
Does it mean I won’t write about ssh again?
I will continue, as most of my blog posts are relatively short highlighting a small thing at a time (that is how I learn best, hopefully some of you do as well).
It does not explain really advanced stuff (like ProxyCommand), so here is a start of things I want to learn more about:
- Selecting how to connect
- [WayBack] How to force ssh client to use only password auth? – Unix & Linux Stack Exchange – this should be far easier using the
~/.ssh/configfile withHostentries.- this means I need to read more on [WayBack] ssh_config(5) – OpenBSD manual pages
- [WayBack] How do I connect to ssh with a different public key? – Server Fault
- ssh prefers public key authentication over keyboard interactive or password (see [WayBack] sshd(8) – OpenBSD manual pages: AUTHENTICATION) so if the server limits authentication tries and you have multiple public keys, then you run into
Too many authentication failures:
- [WayBack] How to force ssh client to use only password auth? – Unix & Linux Stack Exchange – this should be far easier using the
- JumpHosts / ProxyCommand:
- [WayBack] SSH ProxyCommand example: Going through one host to reach another server – nixCraft
- [WayBack] ssh – ProxyCommand use for multiple hops and prompt authentication – Unix & Linux Stack Exchange –
ncis not needed, so disregard the examples promoting it - [WayBack] OpenSSH/Cookbook/Proxies and Jump Hosts – Wikibooks, open books for an open world
- [WayBack] GitHub – moul/advanced-ssh-config: make your ssh client smarter
- [WayBack] Advanced Secure Shell: 6 Things You Can Do With SSH – DZone Security: Host matching, SFTP, KeepAlive, SSH Agent, Tunneling, X11 Forwarding, ProxyJump
- [WayBack] Advanced SSH Tunneling – Taos: tun (layer 3: IP packets) and tap (layer 2: ethernet frames) tunneling through TUN/TAP which are Tunneling Protocols.
- More hardening:
- SOCKS proxy and SSHFS:
- [WayBack] SSH tricks
- [WayBack] GitHub – libfuse/libfuse: The reference implementation of the Linux FUSE (Filesystem in Userspace) interface
- [WayBack] GitHub – libfuse/sshfs: A network filesystem client to connect to SSH servers
- [WayBack] Home – FUSE for macOS: [WayBack] FUSE for macOS · GitHub
- [WayBack] GitHub – osxfuse/osxfuse: FUSE extends macOS by adding support for user space file systems (merged from the now unsupported [WayBack] Fuse4X – The Easiest and Fastest Way to Create File Systems for Mac OS X; [WayBack] GitHub – fuse4x/fuse4x.github.com)
- [WayBack] GitHub – osxfuse/sshfs: File system based on the SSH File Transfer Protocol
- [WayBack] GitHub – osxfuse/filesystems: Example file systems
- A truckload of ssh related links: [WayBack] GitHub – moul/awesome-ssh: A curated list of SSH resources.
–jeroen
The Wiert Corner - irregular stream of stuff 
Leave a comment