[ale] Using ~/.ssh/config Better?

JD jdp at algoloma.com
Fri Apr 22 14:23:40 EDT 2011


That first reference is EXTREMELY good with lots of non-trivial
examples. Thanks.

I am sorta shocked that you use port 22, however.  I'm running Fail2Ban,
but don't want to see any logs that aren't important so listening on a
non-default port nearly eliminates those bogus attempts.

Is there a reason to have ssh listen on port 22 besides habit?
Perhaps your firewall allows outbound connections on that port?
Where I've worked, I always had to move my ssh listener to port 443 to
get outside at all.  Anything that didn't go through their webproxy was
blocked on internal desktop subnets.



On 04/22/2011 09:25 AM, James Sumners wrote:
> The only thing that came to mind immediately is tunnels. So I did a
> quick search to see how one would configure a tunnel in their config
> file. I came upon [1] which details it exactly. [1] also looks to have
> some more answers for your question. Anyway, here's how to set up a
> tunnel in your config:
> 
> ==============
> Host myTunnel
>   # The tunneling host
>   HostName ssh.example.com
>   Port 22
> 
>   # Forward your local port to some remote port over the tunnel
>   LocalForward localhost:4443 supersecret.com:443
> ==============
> 
> Then you open https://localhost:4443/ in a web browser on your local
> machine and get the page at supersecret.com over your SSH tunnel.
> 
> [1] -- http://magazine.redhat.com/2007/11/27/advanced-ssh-configuration-and-tunneling-we-dont-need-no-stinking-vpn-software/
> [1] -- http://tinyurl.com/c7lejq
> 
> On Fri, Apr 22, 2011 at 9:13 AM, JD <jdp at algoloma.com> wrote:
>> Besides using key-based authentication with this
>> file, are there other uses or tricks that I could be using with this
>> file to further simplify ssh, sftp, scp, rsync, rdiff-backup and other
>> ssh-based connections?
> 
> 
> 


-- 
JD Pflugrath
 Value | Results
Direct: 678.685.8882
Ofc: (866) 963-2546
Managing Director
Algoloma Systems, LLC
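
Added example, not part of the original messages: a small resolver showing how `~/.ssh/config` settles the options for an alias (every `Host` line starts a new block, and the first value obtained for an option wins), which is what decides whether a per-host `Port` or `LocalForward` takes effect. The sample configs, port 2222, and the function names are constructed for illustration; `Match` blocks and `Include` are not handled, and `fnmatch` is used as an approximation of ssh's `*`/`?` patterns.

```python
import fnmatch
import re

# Constructed sample, not from the thread: alias on a non-default port, then defaults.
SAMPLE = """\
Host myTunnel
  HostName ssh.example.com
  Port 2222
  LocalForward localhost:4443 supersecret.com:443
Host *
  Port 22
  ExitOnForwardFailure yes
"""

# Constructed: same alias with a second Host line where HostName was intended.
BROKEN = """\
Host myTunnel
  Host ssh.example.com
  Port 2222
"""

MULTI = {"localforward", "remoteforward", "identityfile"}  # options that accumulate

def host_matches(alias, patterns):
    """A negated pattern that matches vetoes; otherwise any positive match wins."""
    matched = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(alias, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(alias, pat):
            matched = True
    return matched

def resolve(config_text, alias):
    """Options applied to `alias`; the first value obtained for an option wins."""
    options, active = {}, True  # lines before any Host line apply to all hosts
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key, value = parts[0].lower(), parts[1] if len(parts) > 1 else ""
        if key == "host":
            active = host_matches(alias, value.split())
        elif active and key in MULTI:
            options.setdefault(key, []).append(value)
        elif active:
            options.setdefault(key, value)
    return options
```

On a real system, `ssh -G myTunnel` prints the effective options OpenSSH itself computes for the alias, which is the authoritative check.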

