This time on the show, Local and Remote forwarding with SSH, Persistent connections in Linux with AutoSSH, Windows tunnels that don't quit with a GUI front-end for Plink and a whole lot of technolust. All that and more, this time on Hak5!


SSH Remote Forwarding: Relay local apache server through tunnel

# install apache server
darren@dk10$ sudo apt-get install apache2
# browse to http://localhost
# Relay port 8080 on remote host to 80 on local host
darren@dk10$ ssh -R 8080:localhost:80 aardwolf@relay.wifipineapple.com
# browse to http://relay.wifipineapple.com:8080
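
Whether that last browse step works from outside depends on the relay's sshd: stock OpenSSH defaults GatewayPorts to no, which binds the forwarded port 8080 to the relay's loopback interface only. The script below is an added example, not part of the show notes. It reads a constructed sample sshd_config (global section only, no Match or Include handling, no IPv6 literals) and reports where a given -R listener would bind; the function names gateway_ports and remote_bind_scope are hypothetical.

```shell
#!/bin/sh
# Added example (not from the show notes): where will sshd bind "-R 8080:localhost:80"?
# Assumptions: only the global section of sshd_config is read (parsing stops at
# the first Match block), Include files are not followed, no IPv6 literals.

# Print the effective global GatewayPorts value of the sshd_config file in $1.
# sshd keeps the first value it obtains for a keyword; the default is "no".
gateway_ports() {
    awk '
        { sub(/#.*/, ""); sub(/[ \t]*=[ \t]*/, " "); kw = tolower($1) }
        kw == "match" { exit }
        kw == "gatewayports" && !seen { val = tolower($2); seen = 1 }
        END { print (seen ? val : "no") }
    ' "$1"
}

# Print where the listener for -R spec $2 ends up, given GatewayPorts value $1:
# "loopback", "all-interfaces", or the specific bind address.
remote_bind_scope() {
    rb_gp=$1 rb_spec=$2
    case "$rb_spec" in
        *:*:*:*) rb_bind=${rb_spec%%:*} ;;  # bind_address:port:host:hostport
        *)       rb_bind=localhost ;;       # port:host:hostport, loopback requested
    esac
    case "$rb_gp:$rb_bind" in
        yes:*)                                echo all-interfaces ;;
        clientspecified:|clientspecified:'*') echo all-interfaces ;;
        clientspecified:localhost)            echo loopback ;;
        clientspecified:*)                    echo "$rb_bind" ;;
        *)                                    echo loopback ;;  # "no" or unknown value
    esac
}

# Constructed sample config for the relay; the second GatewayPorts line is ignored.
sample=$(mktemp)
printf '%s\n' '#GatewayPorts no' 'AllowTcpForwarding yes' \
    'GatewayPorts clientspecified' 'GatewayPorts yes' > "$sample"
gp=$(gateway_ports "$sample")
echo "GatewayPorts=$gp"
for spec in '8080:localhost:80' '*:8080:localhost:80'; do
    echo "-R $spec -> $(remote_bind_scope "$gp" "$spec")"
done
rm -f "$sample"
```

On the relay itself, `sshd -T` prints the effective settings with Match blocks taken into account.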

SSH Local Forward: Relay remote VNC server through tunnel

# install vnc client
darren@dk10$ sudo apt-get install vncviewer
# vnc to server without SSH (bad idea)
darren@dk10$ vncviewer rrs5204q6n.hak5.org:1
# setup SSH local forward
darren@dk10$ ssh -L 5901:localhost:5901 aardwolf@rrs5204q6n.hak5.org
# vnc to server through ssh tunnel
darren@dk10$ vncviewer localhost:1

Maintaining Persistent SSH tunnels in Linux

AutoSSH is a simple and effective utility for monitoring and maintaining persistent SSH connections, restarting the session as necessary. It can be downloaded from http://www.harding.motd.ca/autossh/ and is available for most *nix platforms. On Ubuntu:

# Install autossh
darren@dk10$ sudo apt-get install -y autossh
# The autossh -M option specifies the port autossh uses to monitor the connection
# The -N option is a regular openssh parameter which is passed from autossh to ssh, specifying that there is no remote command to execute.
# The & tells the shell, bash in our example, to run the command in the background.
darren@dk10$ autossh -M 20000 -N aardwolf@relay.wifipineapple.com &
# To find the process ID where autossh is running
darren@dk10$ pidof autossh
# And finally to stop autossh
darren@dk10$ kill `pidof autossh`

Maintaining Persistent SSH tunnels in Windows

  • First of all we need to cover Plink. Short for PuTTY Link, the plink utility is the command-line equivalent to PuTTY on Windows. We'll be using this today along with another tool in order to keep an SSH tunnel persistent.
  • Here's an example of a plink SSH tunnel. We start by launching pageant and entering our passphrase. Now that our private key is in memory we can use plink to start an SSH tunnel from the command line.
  • So open up CMD, navigate to where your plink utility is. For me that's by running "cd putty"
  • Now run plink.exe -- you'll be greeted by a whole list of options for this command line utility.
  • To start a simple Dynamic SOCKS proxy I'll enter:
  • plink -D 8080 snubsie@peanut.hak5.org -agent
  • The -D says make it a Dynamic SOCKS proxy on my local port 8080 and the -agent says to use pageant for the private key file.
  • And there we go, a command to start our SOCKS proxy for all our tunneling enjoyment. Of course if the SSH connection is dropped we'll be all sad pants -- especially if we're using the tunnel to watch the BBC or something.
  • And while autossh *is* available for Windows, sort of, it isn't exactly the easiest to set up. AutoSSH, the Linux program, can be run in Windows using Cygwin -- a Linux environment for Windows. If that suits your fancy, have at it. There's a decent tutorial for setting that up.
  • That said I'm more interested in using native Windows programs. Thankfully a similar setup to autossh can be achieved using plink with the help of a little utility called MyEnTunnel.
  • Short for My Encrypted Tunnel, MyEnTunnel is a Windows utility that lives in the system tray, or can be run as an NT service in the background, and quietly watches Plink sessions and restarts them as necessary.
  • MyEnTunnel is available from http://nemesis2.qx.net/pages/MyEnTunnel as freeware.


9 Comments

  • Although Darren isn’t a fan of Cygwin – I have tested the local forwarding through ssh in cygwin and it works nicely.

    Aik.

  • Marcin 2 years ago

    About sshfs in Windows http://code.google.com/p/win-sshfs/

  • Hans-J. Schmid 2 years ago

    Snubsie is especially doing great in this episode. I love when she is becoming enthusiastic about little things.

  • I enjoyed the article about SSH persistence in Windows. I liked the app being portable. You mentioned a possible security issue. The password is stored salted in a local file. Is there a way to get a pineapple to rotate keys after x mins of disconnection? Example of why this might solve the problem:

    I’m using programs on a thumb drive plugged in to Windows. I’m careless and turn around long enough for a friend to snag my dongle (is that legal in this country). He plugs it into his computer and copies the files over. He plugs the dongle (there’s that word again) back in to my computer. However, since the program crashed (because I was running it from the drive) it doesn’t rebuild the SSH tunnel. I show up while he starts brute forcing my passwords. I’ve set pineapple to rotate to the next key automatically because of the length of the failure (I have the key elsewhere, and know what one will be next). He spends his time hacking something that won’t work (I’ve rotated my key), and I’m already reconnected to the pineapple.

    What do you think? Effective security? Maybe it would even be a cooler idea to key hop? Set a series of keys that rotate at every X time so that even brute forcing in the middle won’t work? Just some thoughts.

  • Ashara 2 years ago

    Hi Darren & Shannon

    I really love your shows in regards to Proxies, SSH tunnels, Remote forwards, file shares oh my!!. Shannon I’ve learned so much and hope to see more solutions on SSHFS without (expandrive) for Windows. Me love free ^_^ & portable solutions too ^_^.

    Darren would you mind looking into if there is a way to work in SSH Key Auth along with Google 2step verification and add this in to one of your up and coming segments? It would be so sweet to run this alongside the key based authentication.

    Here are a few links I found:
    https://sites.google.com/site/seppsbrainoverload/it-security/2-step-verification-in-ssh

    http://www.mnxsolutions.com/security/two-factor-ssh-with-google-authenticator.html

    Keep up the great work.
    Thank you both so much look forward to seeing your next show ^_^.

  • Hans-J. Schmid 2 years ago

    How can we download the song “SSH into your heart”? Would love to listen to it in the morning going to work.

  • Neo42 2 years ago

    Finally got the forwarding to work, but now here’s a twist. Can a local port be forwarded to a host on a different network? Say the source box for the remote forward has 2 network interfaces: eth0 is 1.2.3.4 on the internet and eth1 is 10.0.0.2 on a private lan. Can I do something like this…

    From 1.2.3.4:

    ssh -L 4040:localhost:80 user@10.0.0.2 -g

    Connection comes in on 1.2.3.4:4040 and is theoretically relayed to 10.0.0.2:80 allowing anyone on my subnet to access the webserver on the 10.0.0.2 box. Will this work? If not, is there a way to get there?

  • What is the deal with the recent episodes of Hak5? They have become Darren pretty much conducting the episodes like a boring college lecture. It’s just him writing on the table with markers and Shannon saying “Ooooh Oookkk”. You would think the host of a Tech show would be teaching the audience… not one host boring the audience while teaching the other host! Used to be a big fan…..
    AND GET OFF THE SSH ALREADY!