====== SSH, secure shell tunnelling et autres trucs et astuces ======

===== Téléchargement sur A d'un fichier chez C via une machine B =====

"exercice" SSH pour résoudre ceci : d'une machine A (à la maison par exemple) télécharger un fichier sur une serveur public C (site.com) qui n'autorise l'accès que via une machine B (door.com chez l'employeur par exemple) reconnue. A a un accès SSH à B avec des clés présentes.

  * références :
    * [[https://unix.stackexchange.com/questions/38755/how-to-download-a-file-through-an-ssh-server]]
    * [[https://www.gnu.org/software/wget/manual/wget.html]]


test :

<code>
ssh door.local 'wget --no-check-certificate -O - https://site.com/file.pdf' >> file.pdf
</code>

===== Utilisations sous Windows =====
  * [[https://docs.microsoft.com/en-us/windows/terminal/tutorials/ssh]] : utilisation native possible avec windows 10, sur base de OpenSSH
  * [[http://www.putty.org/|PuTTY]] pour communiquer en ligne de commande (client SSH),
  * [[https://winscp.net/eng/docs/introduction|WinSCP]] ou [[https://filezilla-project.org/|Filezilla]] pour accéder aux fichiers (clients SFTP);
  * [[http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html|PuTTYgen]] pour générer les clés SSH

===== Autres =====
  * [[https://ma.ttias.be/socks-proxy-linux-ssh-bypass-content-filters/|Create a SOCKS proxy on a Linux server with SSH to bypass content filters]], Mattias Geniar, 19/01/2017
  * [[https://medium.com/james-reads-public-cloud-technology-blog/essential-ssh-productivity-tips-e23289bbd1f7|Essential SSH productivity tips]] James Read, Medium, Feb 2 2021
  * [[https://at0dd.medium.com/easy-ssh-authentication-7151303189a3|Easy SSH Authentication]] Alex Todd, Medium, 07/01/2017
  * [[https://medium.com/the-kickstarter/ssh-tunneling-a-guide-79075d52ed43|SSH Tunneling, a Guide. SSH tunneling is something I have to do…]] Craig Godden-Payne, The KickStarter, Medium, 01/07/2020
  * [[https://moreillon.medium.com/ssh-reverse-shells-5094d9be2094|SSH reverse shells. SSH is one of the most widely used…]]  |  Maxime Moreillon, Nov 2021, Medium
  * [[https://medium.com/codex/access-your-linux-pc-remotely-96c1cf49f14c|Access your Linux PC remotely]] Mansi Kalaria, Medium, Jul 26, 2021

==== Alternatives pour des accès à distances ====
  * teamviewer
  * anydesk
  * ngrok

===== Sécurité =====
  * [[https://github.com/skeeto/endlessh|Endlessh: an SSH tarpit]] : Endlessh is an SSH tarpit that very slowly sends an endless, random SSH banner. It keeps SSH clients locked up for hours or even days at a time. The purpose is to put your real SSH server on another port and then let the script kiddies get stuck in this tarpit instead of bothering a real server.
  * [[https://www.fail2ban.org]] ?

===== SSH port forwarding / SSH tunneling =====
  * [[https://phoenixnap.com/kb/ssh-port-forwarding|How to Use SSH Port Forwarding]]
  * [Is it possible to tunnel https traffic via ssh tunnel with standard ssh-programs? - Super User](https://superuser.com/questions/347415/is-it-possible-to-tunnel-https-traffic-via-ssh-tunnel-with-standard-ssh-programs)
  * [How to make SSH port fowarding for HTTPS? - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/426542/how-to-make-ssh-port-fowarding-for-https)
  * [linux - HTTPS SSH Tunnel - Server Fault](https://serverfault.com/questions/581530/https-ssh-tunnel)
  * [How can I tunnel https over ssh? - Quora](https://www.quora.com/How-can-I-tunnel-https-over-ssh)