SSH ssh -i </path/to/key> <target> # a key specified with -i will only apply to <target> # will not apply to <intermediatetarget> or <remotetarget> or etc! # if you need this functionality, use an ssh config file ssh -W <user>@<intermediatetarget> <user>@<target> # ssh to an intermediate target before sshing to the main target # possibly combinable with -L? ssh -L <localport>:<remotetarget>:<remoteport> <user>@<target> ssh <user>@<remotetarget> # create tunnel with listener on localhost # packets go through tunnel, to <target>, and from there to <remotetarget>:<remoteport> # <remotetarget>:<remoteport> does not get resolved until you get to <target> # there is always an implicit <localhost> in front of <localport>; this means that # can use with VNC like so: ssh -L <localport>:<remotetarget>:<remoteport> <user>@<target> ssh <user>@<remotetarget> vncserver # configure tunnel and VNC server # note session number of new VNC server! # <localport> and <remoteport> must equal session number of new VNC server + 5900 # do not close the terminal window! will break the tunnel and yr VNC connection run TigerVNC<59xx> # then, from local machine again, connect to the VNC server # some VNC viewers require the port number, some require the session number # if one does not work for you, try the other ssh-keygen # keys go in the ~/.ssh dir, which must have perms of 700 # default keypair names: id_rsa, # if different names, use -i to tell ssh which keys to use # -t rsa -b 4096 -- also good vi ~/.ssh/config chmod 644 ~/.ssh/config man ssh_config # use an ssh config file to do cool stuff! # anything that uses ssh "under the hood" will look at this config file # this includes: ssh, scp, git, and more # set defaults to apply regardless of <target>: <setting> <value> # set defaults on a per-target basis: Host <target> <setting> <value> # set nickname/alias for target (to reach it by running `ssh nickname` or `ssh alias`): Host <nickname>,<alias> HostName <target> # set username to use when connecting to target: Host <target> User <user> # set a default key to use for a particular target: Host <target> IdentityFile </path/to/key> # ssh to an intermediate target before sshing to the main target: !! is the order ok here, or does the <intermediatetarget> IdentityFile need to be specified before the <target> ProxyJump? Host <target> ProxyJump <user>@<intermediatetarget> Host <intermediatetarget> IdentityFile </path/to/key> # may be necessary, because -i only applies to <target> not <intermediatetarget> # equivalent of the -L stuff above; refer to those notes Host <nickname>,<alias> LocalForward<localport> <remotetarget>:<remoteport> ProxyJump <target> HostName <remotetarget> !! is the HostName correct? should it be <remotetarget> or <target>? # keep your session alive longer (unless session length limited by the server): Host <target> ServerAliveInternal 60 ServerAliveCountMax 15 passwordless SSH! # may combine with putting the target's IP in /etc/hosts for fast and easy SSHing VNC vnc section goes here because there is already stuff about it on this page with ssh change name: remoting? not ssh vncserver -list # check if there is a vncserver session running on the remote machine to connect to vncserver [:<portnumber>] # start a vncserver session # how to config passowrd protect???? # VNC passwords are insecure! # only considers the first 8 characters(?) # etc etc vi ~/.vnc/xstartup # different configs required for different desktop environments # if misconfigured, will cause VNC window to be gray with some checkboxes; won't show remote machine # if anaconda is in path, will cause issues # echo $PATH to check chmod +x ~/.vnc/xstartup # it must be executable # MATE config <config file to copy+paste goes here> # XFCE config <config goes here> # KDE config <config> ???? -R <remoteport>:<remotetarget>:<remoteport> # create tunnel with listener on remotehost; packets go through tunnel, to <target>, and from there to <localhost>:<localport>