tunnel through jump server

ssh -t L7070:localhost:7071 user@jumphost ssh -t -D7071 user@furtherhost
ssh -A -t -l user jump-host \
-L 8080:localhost:8080 \
ssh -A -t -l user webserver.dmz \
-L 8080:localhost:8080

open socks proxy on port 443 (hide as https) - requires sudo

sudo ssh -o ServerAliveInterval=60 -D443 -l pyratebeard -i ~/lib/key/ssh_tunnel -N -C -q -t -4 -f
  • -o ServerAliveInterval=60 -
  • -D443 -
  • -l pyratebeard -
  • -i ~/lib/key/ssh_tunnel -
  • -N - do not execute remote command
  • -C - compress data
  • -q - quiet
  • -t - force pseudo-terminal
  • -4 - use ipv4 only
  • -f - go to background

X11 forwarding

ssh -X user@host
  • on server side X11Forwarding must be set to yes in '/etc/ssh/sshd_config'

ssh host fingerprint

to find the fingerprint of a host

sudo ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
sudo ssh-keygen -l -f /etc/ssh/ssh_host_ecdsa_key

remote host id has changed

if the fingerprint for the remote host has changed (and you are sure it's not a mitm attack) run the following to remove from 'known_hosts'

ssh-keygen -f $HOME/.ssh/known_hosts -R <hostname>


  • allow one user and all users in group
  • if only use AllowGroup it overrides the AllowUsers
    AllowUsers <username>
    Match group users
    	AllowUsers *


ssh guide

  • must have dns resolv on greyskull (and nublar for lxc)
  • must have short name in ssh/config on nublar for lxc
  • must have cert-auth known host on nublar for lxc