What's the best way to SSH to machines on the local network?

1

I have 2 computers, one that I use and one for the kids. I want to be able to ssh into their computer to control it (like to shut it down etc) but am curious the best way to do this. We both are in the same house and share the same internet connection.

What would be the best way to do this? From research, I read to install openssh-server on the remote computer but am stumped what to use for the hostname when trying to connect. Usually for VPS's it's the external IP but since we both share a wifi connection would it be the hardware IP? Should we be interfacing directly by LAN or by going through the internet?

Run:

avahi-browse -tl _workstation._tcp

To get a list of Ubuntu workstations in the local network, then you can connect to them by running:

ssh @.local

You can use the IP address to ssh into the kid's computer. If you want to use the computer name, edit your /etc/hosts file to include the computer name.

192.168.1.104 dad 192.168.1.105 kids

I...

0 0
2

I wonder what the best way to backup files VIA network

I have Solaris machines with Oracle 10i with VERITAS cluster, machines are connected to EMC storage

/data/oracle directory is mounted on the EMC storage

What I want is to backup /data/oracle directory (70G) on some backup machine VIA network (include soft links files), while the reliability of copying files is very very important

I checked and find some ideas to do that

For example the first option is to use rsync

rsync -WavH –progress /data/oracle $backup_server_ip:/Backup_dir

The second option: using is transfer files with tar option so we do both sides transfer files and compress files

cd /directory_that_we_want_to_backup tar cpf - . | bzip2 -c | ssh $backup_server_ip \ "cd /Backup_dir && bzip2 -d | tar xpf -"and so on

I need advice what is more reliable from the options below, and maybe there are other good options

For Solaris-only, look at "ZFS send" (assuming...

0 0
3

If you are the only one accessing the machine, I find it helps to keep your ssh logs clean by picking a non-standard port for ssh.

Yes, this is trivial to bypass if the attacker uses a botnet to do a simple port scan, so adds no security against a serious attacker (though it stops you from being the lowest hanging fruit). Still makes sense to have strong ssh passphrases/keys and other best practices (e.g., disable root logins). But on my VPS, I found it cut down failed login attacks that I would see in the logs from random IP addresses from thousands of attempts a day to zero in the past three months.

Basically just pick a port that isn't being used for other purposes (and I tend to pick ports that aren't used for anything by checking /etc/services to make sure you aren't using a well-known service -- and I also pick ports in the system port range less than 1024), for example 501. Then just do port forwarding in your router to forward incoming TCP requests on port 501...

0 0
4

Going local is fastest and most efficient for your question, so (1).

This all involves how your packet gets routed through your network.

The difference I can identify immediately from your simple description here is using a gateway versus going directly to the PC. By going to the external address, you will use the router (default gateway) and its resources in order to make the connection. If this router is being heavily utilized you will notice a significant reduction in your traffic throughput.

I'd first suggest checking out your routing table on the local system

user@server:~$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.11.0.1 0.0.0.0 UG 0 0 0 eth0 10.11.0.0 0.0.0.0 255.255.252.0 U 0 0 0 eth0

You can see with my configuration that if I reference a system on the local network (i.e. 10.11.2.200) it will go directly to that system. If I have a NAT...

0 0
5

SSH is a powerful tool with more uses than simply logging into a server. This protocol, which stands for Secure Shell, provides X11 forwarding, port forwarding, secure file transfer, and more. Using SSH port forwarding on a compromised host with access to a restricted network can allow an attacker to access hosts within the restricted network or pivot into the network.

In this article, we'll look at one of the SSH port forwarding options, local port forwarding. Since this can be somewhat confusing, I'd like to talk a little bit about the idea of port forwarding first.

Why Port Forwarding Is Important

When we think of port forwarding, we usually think of it in the terms of a router. With a typical home internet setup, the router is connected to the WAN (wide area network), and it will have an IP address assigned by the ISP (internet service provider). On the other side of the router, you have your LAN (local area network). Hosts within the LAN are generally...

0 0
6

You need to scp something somewhere. You have scp ./styles/, so you're saying secure copy ./styles/, but not where to copy it to.

Generally, if you want to download, it will go:

# download: remote -> local scp user@remote_host:remote_file local_file

where local_file might actually be a directory to put the file you're copying in. To upload, it's the opposite:

# upload: local -> remote scp local_file user@remote_host:remote_file

If you want to copy a whole directory, you will need -r. Think of scp as like cp, except you can specify a file with user@remote_host:file as well as just local files.

Edit: As noted in a comment, if the usernames on the local and remote hosts are the same, then the user can be omitted when specifying a remote...

0 0
7

I'm trying to do something rather unusual (for me anyway) with SSH and I can't get it to work, hopefully you can help.

I want to establish a connection to a remote server from my Mac using SSH. So far so good. Now the tricky bit, with the connection to the remote server established I want to then initiate a connection from the remote server BACK to the local machine. I know, crazy. Basically I need to jump through these hoops to be able to browse the remote server and then send file information back to my local machine so it can be dealt with by an application on the local machine. Hopefully that makes sense!

At the moment if I SSH back to the local machine once I am logged in to the remote server, the terminal will just sit there whirring away, no errors even with -v.

I am trying to discover where I should be calling by looking at the output of the $SSH_CLIENT variable, but I'm on a standard vanilla internet connection (no static ip address) I think this might...

0 0
8

The answer to your question, as stated is "No, there is no notable risk to your other devices from those open ports to your Raspberry Pi." However, if someone is to compromise you, they'd need to first compromise your Pi and then use that. Any vulnerabilities would require:

That someone is able to compromise either SSH or HTTP on the Raspberry Pi That there is something that they can do with that information.

Practically, if you have a secure SSH setup and are running your HTTP server in a way that is secure, it is very unlikely that anyone could do anything. If they did, they'd need to compromise. If you use keys for SSH login and don't do anything non-standard for HTTP, you should be plenty good. You can also change the SSH port to run on a non-standard port and that will obscure things slightly, though it will not change the theoretical...

0 0
9

Many web developers use SSH ("Secure Shell") on a daily basis to manage their servers, back up files, work remotely, and a myriad of other tasks. Today, I'll explain what SSH is, do a brief history review, and, lastly, teach you how to set it up on your remote server or even your local network. Let's get started!

A Starting Explanation

If you're reading this, it's likely that you're at least somewhat acquainted with Terminal (or on Windows, something like Cygwin). If so, then you will understand this quick functional explanation of SSH.

SSH is essentially using a network connection to get into Terminal on another computer.

If you aren't familiar with Terminal, there are a lot of explanations and beginner's guides to Terminal, both here on Nettuts+ and elsewhere. The power of SSH is reliant on its simplicity; by offering you access to the Terminal of another machine, SSH cuts to the chase and gives you full control over a remote machine. If you...

0 0
10

Questions:

I came across this awesome library xterm.js which is also the base for Visual Studio Code’s terminal. I have a very general question.

I want to access a machine(ssh into a machine ) on a local network through a web based terminal(which is out of network, may be on a aws server). I was able to do this in a local network successfully but I could not reach to a conclusion to do it from Internet–>local network .

As an example – An aws server running the application on ip 54.123.11.98 which has a GUI with a button to open terminal. I want to open terminal of a local machine which is in a local network somewhere behind some public ip on local ip 192.168.1.7.

Can the above example be achieved using some sort of solutions where i can use xterm.js so that I don’t have to go for building a web based terminal? What are the major security concerns I should keep in mind while exposing the terminals this way ?

I was thinking in line with using a...

0 0
11

We now embark on a detailed discussion of SSH server configuration, using both keywords and command-line options. Please keep in mind that SSH2 and OpenSSH are still evolving products and their features may change. Be sure to read their documentation for the latest information. SSH1 is no longer actively developed, so its feature set is unlikely to change. We begin with initial setup decisions, such as: where should important files be kept? What should their permissions be? What TCP/IP settings should be used? What are the properties of the server key? Which encryption algorithms are supported?

5.4.1. File Locations

sshd

expects certain files to exist, containing the server's host key, the random seed, and other data. The server looks for these files in default locations, or you may override them with keywords and command-line options as described later. Although you may place these files anywhere you like, we strongly recommend keeping them on a local disk on...

0 0
12

I recently had the following problem:

From an unattended shell script (called by Jenkins), run a command-line tool that accesses the MySQL database on another host. That tool doesn't know that the database is on another host, plus the MySQL port on that host is firewalled and not accessible from other machines.

We didn't want to open the MySQL port to the network, but it's possible to SSH from the Jenkins machine to the MySQL machine. So, basically you would do something like

ssh -L 3306:localhost:3306 remotehost

… well, and then what? Now you have a shell on the remote machine open and your script execution stops until that connection is terminated again.

Putting SSH in the background

If you want your local script to continue to run, you'd possibly send that SSH process to the background using something like ssh -L 3306:localhost:3306 remotehost & (note the ampersand) or ssh -fN -L 3306:localhost:3306 remotehost (with -f for "fork into background" and...

0 0
13

Around 18 months ago, I built a desktop computer so I would have a little more firepower at my fingertips when I needed it. My hope was to avoid having to pay for cloud computing services during Kaggle competitions and other side projects. Early on, I realized that it would be nice to be able to use this machine remotely, so I found a few resources for setting up your home PC as an SSH server. However, I was not able to find a single resource that provided enough background information that I was not just copy/pasting the commands.

Although no advanced knowledge of any particular topic is required to set up your own SSH server, there are many concepts to get your head around. I will explain more detail below, but the short version is that an SSH server is a process running on your computer that waits for outside computers to request access via a specific port, authenticates that user, and then allows access to the computer. If half of those terms do not make sense, do not...

0 0
14

Advertisement

Just like stepping out the front door, heading online has risks. There’s no need to bury your head in the sand, but there are times when you would like privacy, and it’s not unreasonable to expect a degree of safety.

SSH and VPN aren’t competing technologies. They both came about to solve different problems, and they function in dissimilar ways. But both enhance your online experience with a degree of privacy and protection.

So which do you use, when, where, and why?

What Is SSH?

SSH stands for Secure Shell. To understand what that means, we should probably define a few terms.

First there’s shell. A shell is a piece of software that allows you to communicate with the core of your operating system. This is typically done via a command line interface.

You don’t need to be at a computer to access a shell. A shell account is a personal account that lets you access a shell from a different computer. These used to be...

0 0
15

Sorry, no. Questions on this forum are supposed to be answered on this forum, so people googling these threads find answers rather than useless unanswered questions.

I've found the manual for your router and am reading. One moment.

---------- Post updated at 09:09 AM ---------- Previous update was at 09:05 AM ----------

Log into your router, click the 'access' button on the far left column, and under it, 'virtual server'.

You need to create a new virtual server. Name it 'ssh'. The protocol must be TCP. The private port and public port both need to be 22. The 'lan server' must be the IP address of the one you want to receive SSH connections. Then click 'add'.

If you want two different servers to receive SSH, you'll need to give them different public ports. The private ones can probably stay at 22 to avoid needing custom configuration in your servers.

Make sure the IP addresses for these servers never change. You may want to set them...

0 0
16

There are two ways to create an SSH tunnel, local and remote port forwarding (there’s also dynamic forwarding, but we won’t cover that here). The best way to understand these is by an example, let’s start with local port forwarding.

Imagine you’re on a private network which doesn’t allow connections to a specific server. Let’s say you’re at work and imgur.com is being blocked. To get around this we can create a tunnel through a server which isn’t on our network and thus can access Imgur.

The key here is -L which says we’re doing local port forwarding. Then it says we’re forwarding our local port 9000 to imgur.com:80, which is the default port for HTTP. Now open your browser and go to http://localhost:9000.

The awesome thing about SSH tunnels is that they are encrypted. Nobody is going to see what sites you’re visiting, they’ll only see an SSH connection to your server.

Connecting to a database behind a firewall

Another good example is if you need...

0 0
17

Let’s say that we wanted to connect an Ethernet cable from Ethernet port of one computer to Ethernet port of another computer. I want to be able to SSH into the other machine from my computer given that I know the other machine’s password or have an authenticated SSH key.

You can also SSH to a series of machines if you have a switch with all the other machines connected to that switch through Ethernet cables. The switch is basically a hub point where all the machines can connect their Ethernet cables to and be able to access every other machine on the local area network.

Let’s talk about how to SSH from 1 computer to another computer when the Ethernet cable from port to port of the two computers. One of the computers is my Windows 10 laptop. The other computer is an Ubuntu 16.04 server.

Step 1) Start the SSH server on the Ubuntu 16.04 computer.

First, we make sure that we have the OpenSSH server installed. We will require Internet...

0 0
18

First set up the tunnel like so:

ssh -D 8080 -N REMOTEUSER@REMOTEHOST

You can also add the -f switch to make this run in the background. What this does is to forward connections to port 8080 on the local machine to the remote server over SSH (i.e. encrypted).

Once it's active, you can configure applications to use the tunnel by setting up a SOCKS 4 or 5 proxy for them.

In Firefox, go to Edit > Preferences, then choose the Network tab on the Advanced subpage. Click the Settings.. button at the top next to Configure how Firefox connects to the Internet.

Select Manual proxy configuration, and enter localhost in the SOCKS Host textbox, and 8080 for the port. This will now send connections through your SSH tunnel. If you want, you can also use the DNS server at the remote location by entering about:config into Firefox's address bar, and toggling the network.proxy.socks_remote_dns setting to true.

You can configure Pidgin in a similar way. It...

0 0
19

Posted by prhlava on Thu 7 Sep 2006 at 15:08

One can do a lot more with ssh than use it for remote terminal session. Here we'll show how to copy files using ssh, use ssh as part of a pipe, vnc or samba forwarding via ssh and mounting filesystems using ssh (fuse + sshfs)

(Several of these subjects have been covered upon this site before.)

Contributors:

Sebastian Broekhoven pointed to obvious method of file copying over ssh - the scp command. http://www.thenetwork.nl Hardik Dalwadi showed the simple method of taking advantage of log-in without password (section 6.1). http://www.biostat.jhsph.edu/bit/nopassword.html

the

version with pictures

The scp can be used to copy file(s) between two remote ssh server machines and copy files from local to remote or from remote to local.

It has options to (for more see the man page):

turn on ssh compression (-C) preserve mode, access time and modification time (-p) do recursive copy (-r)

To copy...

0 0
20
...
0 0
21

Scenario: On your local computer, you want to open and manipulate an IPython notebook running on a remote computer. We will do this by opening an SSH tunnel. This tunnel will forward the port used by the remotely running IPython instance to a port on the local machine, where it can be accessed in a browser just like a locally running IPython instance.

On the remote machine, start the IPython notebooks server:

remote_user@remote_host$ ipython notebook --no-browser --port=8889

Usually IPython opens a browser to display the available notebooks, but we do not need that so we use the option --no-browser. We also change the port to 8889, for no other reason than to show how this is done.

On the local machine, start an SSH tunnel:

local_user@local_host$ ssh -N -f -L localhost:8888:localhost:8889 remote_user@remote_host

The first option -N tells SSH that no remote commands will be executed, and is useful for port forwarding. The second option -f has the effect...

0 0
22

I came across this awesome library xterm.js which is also the base for Visual Studio Code's terminal. I have a very general question.

I want to access a machine(ssh into a machine ) on a local network through a web based terminal(which is out of network, may be on a aws server). I was able to do this in a local network successfully but I could not reach to a conclusion to do it from Internet-->local network .

As an example - An aws server running the application on ip 54.123.11.98 which has a GUI with a button to open terminal. I want to open terminal of a local machine which is in a local network somewhere behind some public ip on local ip 192.168.1.7.

Can the above example be achieved using some sort of solutions where i can use xterm.js so that I don't have to go for building a web based terminal? What are the major security concerns I should keep in mind while exposing the terminals this way ?

I was thinking in line with using a fixed intermediate...

0 0
23

SSH is the most popular and secure method for managing Linux servers remotely. One of the challenges with remote server management is connection speeds, especially when it comes to session creation between the remote and local machines.

There are several bottlenecks to this process, one scenario is when you are connecting to a remote server for the first time; it normally takes a few seconds to establish a session. However, when you try to start multiple connections in succession, this causes an overhead (combination of excess or indirect computation time, memory, bandwidth, or other related resources to carry out the operation).

In this article, we will share four useful tips on how to speed up remote SSH connections in Linux.

1. Force SSH Connection Over IPV4

OpenSSH supports both IPv4/IP6, but at times IPv6 connections tend to be slower. So you can consider forcing ssh connections over IPv4 only, using the syntax below:

# ssh -4 [email protected]...
0 0
24

In this tutorial I will describe the required steps for setting up a distributed, multi-node Apache Hadoop cluster backed by the Hadoop Distributed File System (HDFS), running on Ubuntu Linux.

Hadoop is a framework written in Java for running applications on large clusters of commodity hardware and incorporates features similar to those of the Google File System (GFS) and of the MapReduce computing paradigm. Hadoop’s HDFS is a highly fault-tolerant distributed file system and, like Hadoop in general, designed to be deployed on low-cost hardware. It provides high throughput access to

In a previous tutorial, I described how to setup up a Hadoop single-node cluster on an Ubuntu box. The main goal of this tutorial is to get a more sophisticated Hadoop installation up and running, namely building a multi-node cluster using two Ubuntu boxes.

This tutorial has been tested with the following software versions:

Ubuntu Linux 10.04 LTS (deprecated: 8.10 LTS, 8.04,...
0 0