OpenSUSE Linux Tips, tricks, how-tos, opinions, and news
My Resume - My LinkedIn ProfileWhen you are forwarding ports through a tunnel, either locally or remotely (i.e., with the -L or -R switches), you can modify the session real-time. The way that you do this is after you start the session, you press SHIFT + ` + c (The ` key also has a ~ in it, which is the actual keypress sent to the session). If it doesn’t work the first time, press ENTER a couple of times and try it again. Once you get the “ssh>” prompt, type “?” for the commands you can put in. Here’s an example session:
[0908][scott@dev:~]$ ssh -R 8080:suseblog.com:8080 scott@suseblog.com Password: Last login: Thu Oct 15 11:59:43 2009 from 67.214.232.162 Have a lot of fun... [1109][scott@mail:~]$ [PRESS SHIFT + ` + c HERE] ssh> ? Commands: -L[bind_address:]port:host:hostport Request local forward -R[bind_address:]port:host:hostport Request remote forward -KR[bind_address:]port Cancel remote forward [PRESS ENTER HERE] [1110][scott@mail:~]$ [PRESS SHIFT + ` + c HERE] ssh> -R8080:letslearnlinux.com:1080 Forwarding port. [1110][scott@mail:~]$
OpenSSH has got to be one of the freakin’ sweetest tools *EVAR*. Anyway, enjoy!
I don’t like it when people try and hack my web servers. To make myself aware of people trying to access my ssh daemon, I wrote me a little script. Yup, I’m certainly aware of DenyHosts. Notwithstanding, in the hopes that this script may find use elsewhere, I post it here. Behold, enjoy, and chuckle a bit at how much better you could write it. Then, let me know how you’d improve it:
#!/bin/sh LOGFILE=/root/hack_attempts IFS=$'\n' PATTERN="^"`date --date="1 minute ago" "+%b %e %H:%M:"`"" tail -n 1000 /var/log/messages | grep ""$PATTERN"" | grep sshd | grep -i "invalid user" | grep " from " > "$LOGFILE" if [ $(stat -c%s "$LOGFILE") -gt 0 ] ; then echo "See the attached log for details" | mailx -a "$LOGFILE" -s "Possible hack attempt" YOUREMAIL@YOURDOMAIN.COM fi rm "$LOGFILE"
Copy it to your /root folder. Name it something cool like ‘ssh_foghorn’, and chmod +x it to make it executable. Put it in your /etc/crontab file to run once every minute. Make sure you set the system log to whatever your distro uses. And change the email address to your own. Doesn’t cure cancer, but for 8 lines of code, it does what it needs to.
Again, I’m sure there are better ways to do this, so let’s hear ’em!
S | M | T | W | T | F | S |
---|---|---|---|---|---|---|
« Feb | ||||||
1 | 2 | 3 | 4 | 5 | ||
6 | 7 | 8 | 9 | 10 | 11 | 12 |
13 | 14 | 15 | 16 | 17 | 18 | 19 |
20 | 21 | 22 | 23 | 24 | 25 | 26 |
27 | 28 | 29 | 30 | 31 |
67 queries. 1.117 seconds