Commit 0a9f9a7
Changed files (1)
slides.md
@@ -1,91 +1,118 @@
# Slides
- - Define terms:
-
- ssh words:
- - Client (ssh, starts connection)
- - Server (sshd, listening)
-
- Tunnel words:
- - Bind (interface/port)
- - Target (address/port)
-
- - (-L) Client listener, New connection via Server
-
- -L bind_interface:bind_port:target_address:target_port
-
- The `-L` creates a new listening socket at the specificied bind_interface and
- bind_port on the CLIENT side that will shuttle packets received at that
- CLIENT side socket listener through the secure ssh connection all the way to the
- ssh SERVER where the SERVER then iniitiates a new connection to the target_host
- and target_port
-
- Jargon: this is often called a Forward Tunnel
-
- Use Case:
- I would like to connect to an RDP server (192.168.34.35) that is only
- accessible on a closed network that an ssh server (example.com) that I
- have access to is also on. I will create a forward tunnel that listens on
- the clients interface (127.0.0.1) at port 3389 which will transit the
- secure connection. Once on the other side the ssh server will create a new
- connection to the target RDP server on port 3389.
-
- ssh example.com -L 127.0.0.1:3389:192.168.34.35:3389
-
- Jargon: This example tunnel is often called a Straight Through Tunnel
- because the client listening port is the same as the target port
-
-
- - (-R) Server listener, New connection via Client
-
- -R bind_interface:bind_port:target_address:target_port
-
- The `-R` creates a new listening socket at the specificied bind_interface and
- bind_port on the SERVER side that will shuttle packets received at that
- SERVER side socket listener through the secure ssh connection all the way to the
- ssh CLIENT where the CLIENT then iniitiates a new connection to the target_host
- and target_port
-
- Jargon: this is often called a Reverse Tunnel
-
- Use Case:
- There is an existing web service that is running on example.com. It is
- configured to connect to its mysql instance at 127.0.0.1 and port 3306.
- I want to stop the mysql service running on example.com and run a test
- against a different set of data that is only on my ssh client machine.
- This database is 3TB so I definitely don't want to send it up to the
- server just to do this test. After stopping the existing mysql service
- I connect into example.com with a reverse tunnel that listens on the
- servers interface (127.0.0.1) at port 3306 which will transit the secure
- connection. Once on the other side the ssh client will create a new
- connection to the target mysql server on port 5555 because this is where
- I have this specific mysql instance listening.
+
+We're being pretty particular with the language used here. Here are some definitions:
+
+SSH words:
+
+- Client (`ssh`, starts connection)
+- Server (`sshd`, listening)
+
+Tunnel words:
+
+- Bind (interface/port)
+- Target (address/port)
+
+## `-L` - Client listener, New connection via Server
+
+Example syntax:
+
+```
+-L bind_interface:bind_port:target_address:target_port
+```
+
+The `-L` creates a new listening socket at the specificied bind_interface and
+`bind_port` on the __CLIENT__ side that will shuttle packets received at that
+__CLIENT__ side socket listener through the secure ssh connection all the way to the
+ssh __SERVER__ where the __SERVER__ then iniitiates a new connection to the `target_host`
+and `target_port`
+
+> __Jargon:__ this is often called a Forward Tunnel
+
+### Use Case
+
+I would like to connect to an RDP server (192.168.34.35) that is only
+accessible on a closed network that an ssh server (example.com) that I
+have access to is also on. I will create a forward tunnel that listens on
+the clients interface (127.0.0.1) at port 3389 which will transit the
+secure connection. Once on the other side the ssh server will create a new
+connection to the target RDP server on port 3389.
+
+```
+ssh example.com -L 127.0.0.1:3389:192.168.34.35:3389
+```
+
+> __Jargon__: This example tunnel is often called a Straight Through Tunnel
+> because the client listening port is the same as the target port
- ssh example.com -R 127.0.0.1:3306:127.0.0.1:5555
- - (-D) Client socks listener, Multiple connections via Server
+## `-R` - Server listener, New connection via Client
+
+Example syntax:
+
+```
+-R bind_interface:bind_port:target_address:target_port
+```
+
+The `-R` creates a new listening socket at the specificied `bind_interface` and
+`bind_port` on the __SERVER__ side that will shuttle packets received at that
+__SERVER__ side socket listener through the secure ssh connection all the way
+to the ssh __CLIENT__ where the __CLIENT__ then iniitiates a new connection to
+the `target_host` and `target_port`
+
+> __Jargon:__ This is often called a Reverse Tunnel
+
+### Use Case
+
+There is an existing web service that is running on example.com. It is
+configured to connect to its mysql instance at 127.0.0.1 and port 3306. I want
+to stop the mysql service running on example.com and run a test against a
+different set of data that is only on my ssh client machine. This database is
+3TB so I definitely don't want to send it up to the server just to do this
+test.
+
+After stopping the existing mysql service I connect into `example.com` with a
+reverse tunnel that listens on the servers interface (`127.0.0.1`) at port
+`3306` which will transit the secure connection. Once on the other side the ssh
+client will create a new connection to the target mysql server on port `5555`
+because this is where I have this specific mysql instance listening.
+
+```
+ssh example.com -R 127.0.0.1:3306:127.0.0.1:5555
+```
+
+## `-D` - Client socks listener, Multiple connections via Server
+
+
+Example syntax:
+
+```
+-D bind_interface:bind_port
+```
+
+The `-D` creates a new listening socket at the specificied `bind_interface` and
+`bind_port` on the __CLIENT__ side which is a __SOCKS PROXY__ listener.
+__APPLICATION TRAFFIC__ sent to this the __CLIENT__ side __SOCKS PROXY__
+listener will transit the secure ssh connection all the way to the ssh
+__SERVER__ where the __SERVER__ then iniitiates a new connection to the
+__APPLICATION SPECIFIED__ targets
- -D bind_interface:bind_port
+> __Jargon:__ This is often called a Dynamic Proxy
- The `-D` creates a new listening socket at the specificied bind_interface
- and bind_port on the CLIENT side which is a SOCKS PROXY listener.
- APPLICATION TRAFFIC sent to this the CLIENT side SOCKS PROXY listener will
- transit the secure ssh connection all the way to the ssh SERVER where the
- SERVER then iniitiates a new connection to the APPLICATION SPECIFIED targets
+### Use Case
- Jargon: this is often called a Dynamic Proxy
+I want to browse an internal website that requires multiple connections
+to multiple domains and IP addresses on many different ports. The ssh
+server (example.com) has the appropriate network connectivity to initiate
+all of these connections. I will create a dynamic tunnel proxy at port
+9050. I will then configure my web browser to use that tunnel as a socks
+proxy. After this is setup all connections from firefox will be sent to
+the socks proxy listener, transit the secure connection, and egress to the
+correct target hosts and ports on the server's network.
- Use Case:
- I want to browse an internal website that requires multiple connections
- to multiple domains and IP addresses on many different ports. The ssh
- server (example.com) has the appropriate network connectivity to initiate
- all of these connections. I will create a dynamic tunnel proxy at port
- 9050. I will then configure my web browser to use that tunnel as a socks
- proxy. After this is setup all connections from firefox will be sent to
- the socks proxy listener, transit the secure connection, and egress to the
- correct target hosts and ports on the server's network.
-
- ssh example.com -D 127.0.0.1:8080
+```
+ssh example.com -D 127.0.0.1:8080
+```
+## Quiz
- - QUIZ:
- - If a target_host is specified as a dns name, where is that name resolved?
+If a `target_host` is specified as a DNS name, where is that name resolved?