![]() ![]() Your identification has been saved in /home/$USER/.ssh/id_rsa. So: ssh -r :localhost:localport ssh-keygenĮnter file in which to save the key (/home/$USER/.ssh/id_rsa):Įnter passphrase (empty for no passphrase): ![]() This time the security sees that these are friends and they get let in. Now you can go back over again, and tell them to knock. So you have them make a key card there and you bring it back to your own world and tell your own security "this key card is good, let them in". They attempt to go through the port but cant get in because you have not yet authorized them to come over and security isn't having it today. You jump through red port, but the people at the other end don't know where blue port is, so you have to tell them where the blue port is. You want another world to send you stuff but they can't because you are in a secret location, so you make a red port and a blue port into the other world. If there is no key at the other end of the port, it wont work. Since it is a portal into your home, it will look there for the key. When it connects to the port, it will still need ask for permission through the port to send commands down. It is easy to get confused with this because you are using "localhost" as the address, but just imagine it that you are opening a portal into a remote location at some random port, and then acting as that remote user to connect from that location to the port you made. Reverse SSH connects to a local port, which is in reality your own local machine, so it will be looking for a public key on your local machines authorized_keys file that does not exist. The public key of the machine you are trying to reverse ssh from to needs to exist on the authorized_keys file on your local machine. My answer was probably pretty basic and a typical beginner mistake, and may not be your answer, but I will post this here just in case someone else is having trouble and this helps them: I have been struggling with this for awhile too. I foud out that when I use autossh -M 20000 -R 19999:localhost:22 -i mycert.pem, I can actually establish a connection just fine but the target machine then will remain logged in which is not quite what I want! Why would -fN cause this notto work? What's happening here? Why would it not let me connect? OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g ĭebug1: Reading configuration data /etc/ssh/ssh_configĭebug1: /etc/ssh/ssh_config line 19: Applying options for *ĭebug1: Connecting to localhost port 22.ĭebug1: key_load_public: No such file or directoryĭebug1: identity file /home/ubuntu/.ssh/id_rsa type -1ĭebug1: identity file /home/ubuntu/.ssh/id_rsa-cert type -1ĭebug1: identity file /home/ubuntu/.ssh/id_dsa type -1ĭebug1: identity file /home/ubuntu/.ssh/id_dsa-cert type -1ĭebug1: identity file /home/ubuntu/.ssh/id_ecdsa type -1ĭebug1: identity file /home/ubuntu/.ssh/id_ecdsa-cert type -1ĭebug1: identity file /home/ubuntu/.ssh/id_ed25519 type -1ĭebug1: identity file /home/ubuntu/.ssh/id_ed25519-cert type -1ĭebug1: Enabling compatibility mode for protocol 2.0ĭebug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4ĭebug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.4ĭebug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.4 pat OpenSSH* compat 0x04000000ĭebug1: Authenticating to localhost:22 as 'ron'ĭebug1: kex: algorithm: kex: host key algorithm: ecdsa-sha2-nistp256ĭebug1: kex: server->client cipher: MAC: compression: noneĭebug1: kex: client->server cipher: MAC: compression: noneĭebug1: expecting SSH2_MSG_KEX_ECDH_REPLYĭebug1: Server host key: ecdsa-sha2-nistp256 SHA256:kT8pM3YwDEYqE+CFzyWQDiSVCLhgMjPLWBJXYPl1BZsĭebug1: Host 'localhost' is known and matches the ECDSA host key.ĭebug1: Found key in /home/ubuntu/.ssh/known_hosts:5ĭebug1: kex_input_ext_info: server-sig-algs=ĭebug1: Authentications that can continue: publickeyĭebug1: Next authentication method: publickeyĭebug1: Trying private key: /home/ubuntu/.ssh/id_rsaĭebug1: Trying private key: /home/ubuntu/.ssh/id_dsaĭebug1: Trying private key: /home/ubuntu/.ssh/id_ecdsaĭebug1: Trying private key: /home/ubuntu/.ssh/id_ed25519ĭebug1: No more authentication methods to try. Why would this be? The verbose option shows: $ ssh -v -P 19999 ![]() Now, when I try to access the machine from aws, I got the following: $ ssh -P 19999 ![]() I'm using autossh -M 20000 -fN -R 19999:localhost:22 -i mycert.pem to establish a reverse tunnel to my aws machine. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |