Ssh: Difference between revisions
No edit summary |
|||
| Line 11: | Line 11: | ||
[root ~]# xauth add $(xauth -f ~ec2-user/.Xauthority list|tail -1) | [root ~]# xauth add $(xauth -f ~ec2-user/.Xauthority list|tail -1) | ||
[root ~]# xclock& # good to go! | [root ~]# xclock& # good to go! | ||
=== ProxyJump === | |||
You can set up a hostname configuration to jump directly through another machine if needed: | |||
* make sure you are running ssh>=7.3 everywhere | |||
** Cygwin on my Windows has a nice sshd, works out of the box for the most part, with ProxyJump capability. | |||
** Ubuntu must be 17.04 or newer. | |||
* configure a host shortcut AwsInstance from dmz to internet | |||
* configure a host shortcut DmzHostfrom lab to dmx | |||
* configure a host shortcut AwsInstanceJumpfrom lab to internet, with ProxyJump DmzHost | |||
Revision as of 21:27, 31 August 2017
Enable X11 forwarding
- server: install xauth
- server: enable in /etc/ssh/sshd_config
- server: make sure you have an X environment installed (install of any X app will pull it in)
- client: set default-on in /etc/ssh/ssh_config (in place of ssh -Y)
- client: make sure you have an X server environment - on windows, use x2go
- if you need to become root after you have ssh'ed (for example to run wireshark), do this magic to patch in x authorization, oh yeah!
sudo su - [root ~]# touch .Xauthority [root ~]# xauth add $(xauth -f ~ec2-user/.Xauthority list|tail -1) [root ~]# xclock& # good to go!
ProxyJump
You can set up a hostname configuration to jump directly through another machine if needed:
- make sure you are running ssh>=7.3 everywhere
- Cygwin on my Windows has a nice sshd, works out of the box for the most part, with ProxyJump capability.
- Ubuntu must be 17.04 or newer.
- configure a host shortcut AwsInstance from dmz to internet
- configure a host shortcut DmzHostfrom lab to dmx
- configure a host shortcut AwsInstanceJumpfrom lab to internet, with ProxyJump DmzHost