ssh | OpenSSH - with TCP port forwarding | ssh通过 tcp转发数据 | ssh 隧道

这篇具有很好参考价值的文章主要介绍了ssh | OpenSSH - with TCP port forwarding | ssh通过 tcp转发数据 | ssh 隧道。希望对大家有所帮助。如果存在错误或未考虑完全的地方,请大家不吝赐教,您也可以点击"举报违法"按钮提交疑问。

讲的会有点啰嗦
一次抓包 发现的问题
tcpdump -vvv -X -n -i any -s0 host “xx.xx.xx.xx” and port 22 -w xxx.pcap
然后从数据中发现了一问题,总所周知,ssh 通过加密的方式传递数据 多以 也会把 ssh 当作隧道 通信
然后在抓的数据中发现了一些 tcp协议的数据包,然后分析这些包,全都是建立通信的包,然后再google

OpenSSH provides TCP port forwarding, also known as tunnelling, which allows other TCP applications to forward their network data over a secure SSH connection. In other words, existing TCP applications that do not encrypt their data before sending it across the network can send their network traffic through an SSH channel, thereby securing it.

Without TCP forwarding, an application’s client connections directly to its server across the network, as shown in Figure 1. To use port forwarding, an existing SSH session must exist.

简单粗俗的理解,我们使用ssh 对linux 操作 就是这个原理,进程间的通信本地 client port2001 tcp server port 27 在传输数据的使用采用ssh 隧道 port 22
所以当重点在ssh 隧道时, 数据转发 也就是tcp forword

好像理解这个也没有多大的作用

ssh | OpenSSH - with TCP port forwarding | ssh通过 tcp转发数据 | ssh 隧道,综合部,操作系统,tcp/ip,ssh,网络

ssh | OpenSSH - with TCP port forwarding | ssh通过 tcp转发数据 | ssh 隧道,综合部,操作系统,tcp/ip,ssh,网络

ssh | OpenSSH - with TCP port forwarding | ssh通过 tcp转发数据 | ssh 隧道,综合部,操作系统,tcp/ip,ssh,网络

ssh | OpenSSH - with TCP port forwarding | ssh通过 tcp转发数据 | ssh 隧道,综合部,操作系统,tcp/ip,ssh,网络

####################################################
有一点需要注意的是,数据包中的真实内容如果不采用加密的方式,那谁都可以看到,也就是我们常说的光膀子跳舞 然后虽然抓包能获得原始数据 比如 以十六进制展示,但是 这数据的转义后的意义你是不了解的。

###################################################
ssh 通信 原理 流程

Authentication
The first step is that the SSH server and client authenticate themselves to one another. The server sends a certificate to the client to verify that it is the correct server. When making contact, there is the risk that a third party will get between the two participants and therefore intercept the connection. Since the certificate itself is also encrypted, it cannot be imitated. Once the client knows what the correct certificate is, no third parties can contact the relevant server.

After server authentication, however, the client must also identify itself as being authorized to access the server. A password can be used for this purpose. This (or the encrypted hash value of it) is stored on the server. As a result, users must enter their password each time they log onto the different server during the same session. For this reason, there is an alternative method of client-side authentication using the key pair public key and private key.

The private key is created individually for your own computer and secured with a passphrase that should be longer than a typical password. The private key is stored exclusively on your own computer and always remains secret. If you want to establish an SSH connection, just enter the passphrase and you will gain access to the private key.

There are also public keys on the server (just like on the client itself). The server creates a cryptographic problem with its public key and sends this to the client. The server then decrypts the problem with its own private key, sends the solution back, and informs the server that it is allowed to establish a legitimate connection.

During a session, you only need to enter the passphrase once to connect to any number of servers, At the end of the session, users should log off from their local computers to ensure that no third party with physical access to the local computer can connect to the server.

Encryption
After mutual authentication, the two communication participants establish an encrypted connection. To do this, a key is generated for the session, which expires when the session is over. This is not to be confused with the public/private key pairs, which are only used for key exchange. The key used for symmetric encryption is only valid with this one session. Both client and server have the same key, so any messages that are exchanged can be encrypted and decrypted. Client and server create the key simultaneously, but independently of one another. In the so-called key change algorithm, both parties use certain public and secret information to create the key.

Another form of encryption takes place in SSH through hashing. A hash is a form of signature for the transmitted data. An algorithm generates a unique hash from the data. If data is manipulated, the hash value changes automatically. This way the recipient can know whether data has been changed by third parties along the way. The hash values are designed in such a way that they cannot be easily simulated. It’s not possible to create two different transmissions with the same hash – this is known as collision protection.

SSH ports
TCP ports are endpoints that open servers and clients to enable communication. As with a port, the communication partners receive and send the data packets via these ports. TCP has an address space of 16 bits and therefore 65535 ports are available. However, the internet assigned numbers authority (IANA) has assigned a number of ports (exactly 1024) for certain applications, including the SSH port. By default, all SSH connections run on port 22.

##################################################
参考1
参考2文章来源地址https://www.toymoban.com/news/detail-819259.html

到了这里,关于ssh | OpenSSH - with TCP port forwarding | ssh通过 tcp转发数据 | ssh 隧道的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处: 如若内容造成侵权/违法违规/事实不符,请点击违法举报进行投诉反馈,一经查实,立即删除!

领支付宝红包 赞助服务器费用

相关文章

  • logstash 消费kafka数据,转发到tcp端口

    ./bin/logstash -f /xx/xx.yml

    2024年02月09日
    浏览(34)
  • 如何在Windows通过固定tcp公网地址ssh远程访问本地Kali Linux

    本文主要介绍如何在Kali系统编辑SSH配置文件并结合cpolar内网穿透软件,实现公网环境ssh远程连接本地kali系统。 默认新安装的kali系统会关闭ssh 连接服务,我们通过命令打开: 启动后我们查看ssh 状态,active 表示ssh 正常运行 通常ssh 是使用账号或者密码进行登录连接,所以还需要开

    2024年04月23日
    浏览(48)
  • powershell 接收一个端口tcp数据复制转发到多个目的

    在 PowerShell 中,你可以使用  New-Object  来创建  System.Net.Sockets.TcpListener  和  System.Net.Sockets.TcpClient  对象,从而接收一个 TCP 端口的数据并将其转发到多个目的地。下面是一个 PowerShell 脚本示例,该脚本展示了如何从一个 TCP 端口接收数据并将其复制到多个目标地址: 在这个

    2024年02月21日
    浏览(38)
  • 如何通过port-forward命令在本地访问 k8s 集群服务

    公众号「架构成长指南」,专注于生产实践、云原生、分布式系统、大数据技术分享 在我们访问k8s中的pod服务时,一般通过node port映射pod端口进行访问,还有一种是通过ingress或者istio通过域名方式来访问,虽然两种方式能满足我们需求,但是如果针对临时访问,配置起来还是

    2024年02月04日
    浏览(60)
  • docker端口含义(docker容器端口映射、容器内部端口)(port/tcp、0.0.0.0:port1->port2/tcp、:::port1->port2/tcp)

    其中: port/tcp 表示容器内部的端口号和协议类型; 0.0.0.0:port1-port2/tcp 表示将主机的端口号映射到容器内部的端口号,其中 0.0.0.0 表示监听所有的网络接口; :::port1-port2/tcp 表示将主机的端口号映射到容器内部的端口号,其中 ::: 表示监听所有的IPv6网络接口。 注意: port/tcp 显

    2024年02月14日
    浏览(30)
  • TCP Port numbers reused

    TCP Port numbers reused - 知乎 (zhihu.com) (608条消息) tcp port numbers reused出现原因_高并发架构的TCP知识介绍_weixin_39878698的博客-CSDN博客  7.5. TCP Analysis (wireshark.org) 网络不通,会报  这个错误... (608条消息) tcp port numbers reused出现原因_TCP连接出现大量TimeWait状态的连接-原因解析_weixin_3

    2024年01月25日
    浏览(80)
  • Nginx:转发TCP流量

    近日在使用Docker容器部署某代理应用的时候发现,该应用监听的是127.0.0.1:1080地址,所以正常情况只有本地的程序才能使用该代理,但实际需要的是局域网或公网用户都可以访问使用。 该代理应用使用的协议为 http/sock ,因此只要把外部网络的 TCP流量 转发到本地1080端口即可

    2024年02月04日
    浏览(41)
  • QT通过TCP协议发送结构体数据

    做上位机的时候下发数据,数据是一个结构体,这里就阐述一下怎么通过TCP协议发送结构体。 我自己写的时候主要通过两种方式,一种是memcpy,另一种是用QDataStream。 先在mainwindow.h头文件中定义结构体: 函数原型为void *memcpy(void *destin, void *source, unsigned n);函数的功能是从源

    2024年02月16日
    浏览(42)
  • Nginx之TCP端口转发

    场景:很多企业业务都在云上,数据库端口基本不会对外开放。开发、测试人员经常会有通过外网去访问数据库的需求,此时我们可以利用nginx的端口转发功能来实现。 前提条件 :Nginx实现TCP端口转发,需要依赖stream模块,即编译安装时带 --with-stream --with-stream_ssl_module 参数;

    2024年02月11日
    浏览(95)
  • nginx的TCP/UDP转发

    一、nginx的TCP/UDP转发   一)stream模块 1.9.0版之后nginx开始具有TCP/UDP的代理转发功能, 但需要手动安装stream模块 用nginx -V命令(注意V是大写, 可查询nginx已安装模块)查了一下, 我的nginx是1.16.0版本, 并且已经安装了stream模块(命令输出包含--with-stream)   二)配置 1、概述 TCP转发的配

    2024年02月10日
    浏览(37)

觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

博客赞助

微信扫一扫打赏

请作者喝杯咖啡吧~博客赞助

支付宝扫一扫领取红包,优惠每天领

二维码1

领取红包

二维码2

领红包