Categories
bash Learning Linux

ssh trick – ssh to remote host with bastion host

Lot of times, you have to ssh to a server with bastion host. If you dont know what is bastion host then see this:

bastion host

 

Now, in such cases, either you add an entry in “~/.ssh/config” to route the ssh through the bastion host or do ssh to bastion host and then ssh from there to the actual host. But wait, there is always a better way:

 

ssh -t <bastion host> ssh -t <actual host>

You can use the usernames as required for the 2 hosts and then you will have to enter passwords, first for the bastion host and then the actual host.

BTW, you can use tunneling options as well with the above command.

Categories
Linux

ssh – host hopping (with Jump host)

Most of the times I need to jump hosts with ssh. What do I mean by that. Let me try to explain :

Host Hopping

If I need to got to host h3 then I need to first login to h1 and from there to host h2 and finally to host h3. This can be done with .ssh/config file but for that I need to have some program like nc installed on all the hosts in between which might not be practical in all cases. So, here is something that I found very useful.

ssh -tt h1 ssh -tt h2 ssh -tt h3

In the above command, we can add usernames, if needed. And now for the best part, if we add entry for h2 in h1 and h3 in h2 in the .ssh/config file, then we don’t need to add usernames. Similarly setup passwordless ssh from h2 to h3 and h1 to h2 and you don’t need password for any of the hosts, how cool is that 🙂

Categories
Fedora Linux

ss – utility to investigate sockets.

Sometimes, you find some interesting application/command by accident, and that is just what happened a few days back. Well, I was doing a ssh and as usual made my share of mistake in typing and missed the “h” from the ssh command and saw a list of options instead of my prompt on remote server.

Now, that set me thinking and fond that its a very interesting command that comes with iproute on Fedoara, so if you want this command, then install iproute like this

1
 sudo yum install iproute

and then you can see the help with

1
man ss

 

By default, without any options you will see a list of all open sockets on your system.

There are a lot of options that you can use and couple of them are very interesting a useful.

-m — shows the memory

p — process associated with the socket.

-i — shows the TCP internal information

There are some other options which you might find useful.

Enhanced by Zemanta