cloud
/
docs
3
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
docs/docs/ssh-tricks.md

100 lines
3.3 KiB
Markdown
Raw Blame History

# SSH Tricks
Here are some useful SSH tricks for accessing your VM.
The commands below assume that the SSH public key on your personal machine
has already been copied to two places:
1. the `~/.ssh/authorized_keys` file in your CSC home directory
2. the `~/.ssh/authorized_keys` file of the default user in your VM
!!! Note
If you are having trouble with any of the commands below, please don't
hesitate to ask the [Systems Committee](mailto:syscom@csclub.uwaterloo.ca)
for assistance.
Most of the "tricks" below require ProxyJump to have been setup, so we suggest
reading that first.
## ProxyJump
To avoid having to manually SSH to a CSC machine before SSH'ing to your
VM, you can use the ProxyJump directive. For example, let's say your VM's
IP address is `172.19.134.121`, and you want to use `corn-syrup` as a jump
host.
Add a snippet similar to the following in your `~/.ssh/config` (on your
personal machine):
```sh
Host corn-syrup
HostName corn-syrup.csclub.uwaterloo.ca
# Replace this with your username
User ctdalek
Host ctdalek-vm1
# Replace this with the IP address of your VM
HostName 172.19.134.121
ProxyJump corn-syrup
# Replace this with the default user in your VM
User debian
```
Now you can connect to your VM by running
```sh
ssh ctdalek-vm1
```
!!! Note
If the name of your SSH key is not one of the default names (e.g. id_rsa,
id_ed25519), you may also need to specify the `IdentityFile` option.
## Port forwarding
Let's say you have a process bound to `localhost:8000` in your VM, and you'd like
to access it from your personal machine. Then you just need to run the following:
```sh
ssh -L 8000:localhost:8000 ctdalek-vm1
```
This will forward requests to `localhost:8000` on your personal machine to
`localhost:8000` on your VM.
If you want to fork the process to the background, here's one way to do it:
```sh
ssh -L 8000:localhost:8000 -CNfq ctdalek-vm1
```
Explanation:
* `-C`: compress (saves bandwidth)
* `-N`: don't execute a command on the server
* `-f`: fork the SSH process to the background
* `-q`: quiet (silences output)
## Reverse port forwarding
Let's say you have a process bound to `localhost:8000` on your personal machine,
and you'd like to access it from your VM. Instead of using `-L`, you want to use
`-R` instead:
```sh
ssh -R 8000:localhost:8000 -CNfq ctdalek-vm1
```
This will forward requests to `localhost:8000` in the VM to `localhost:8000` on
your personal machine.
## SOCKS proxy
You probably won't need this one, but it's good to know. This basically allows
you to use a CSC machine as a proxy for *all* of your Internet traffic for a
particular application. It's useful when you need to access a website which
is only available from the campus network.
First, let's run a SOCKS proxy on e.g. `localhost:8132`:
```sh
ssh -D 8132 -CNfq corn-syrup
```
You now need to configure your application to use the proxy. For example, in
Firefox, you can do the following:
* Visit `about:preferences` in the URL bar
* Scroll to the bottom, and click the Settings button under 'Network Settings'
* Select 'Manual proxy configuration'
* Enter 'localhost' as the SOCKS Host, and 8132 for the port. Also make sure
'SOCKS v5' is selected.
After pressing 'OK', you should now be able to visit websites using a campus
IP address.
Reference in New Issue View Git Blame Copy Permalink