listening on 0.0.0.0 port 10222.
- EXPECT spawn ssh ProxyCmd
exp_cmd="set timeout 10
spawn ssh $login@$target_ip -p 22 -o \"ProxyCommand=ssh -p 22 root@$jump_ip -W %h:%p\";
expect \"password\"
"
expect -c "$exp_cmd" > $conf_log
- ssh ProxyCommand
ProxyCommand ssh ssh_jump_host "nc %h %p"
─ One layer of encryption
═ Two layers of encryption
┏━━━━━━━━━━━━━━┓ ┏━━━━━━━━━━━━━┓ ┏━━━━━━━━━━━━━━━━━┓
┃ SSH client ┃══════════┃ Jump host ┃──────────┃ Target server ┃
┗━━━━━━━━━━━━━━┛ ┗━━━━━━━━━━━━━┛ ┗━━━━━━━━━━━━━━━━━┛
ssh liam@10.10.10.167 -p 22 -o ProxyCommand='ssh -p 22 root@192.168.234.4 -W %h:%p'
- SCP ProxyCmd
ssh_rsa file,no password input
scp -o ProxyCommand="ssh $jump_host nc $host 22" $local_path host:$destination_path
scp -o ProxyCommand="ssh -i /root/.ssh/ssh_rsa root@192.168.234.4 -W %h:%p" /tmp/file liam@10.10.10.166:root/file
echo "74gwRasdClz9kjvw" | openssl enc -d -base64 -aes-256-ctr -nopad \
-nosalt -k "$(sha256sum "/root/.pki/cert.seed" | \
cut -d' ' -f1 | tr -d "\r\n")"
openssl enc -e "encrypt pwd"
- retrieve of CA certificate SHA1 fingerprint
keytool -printcert -file ca_cert.cer | \
egrep SHA1 | cut -d ':' -f 2-
- retrieve CA certificate Issuer
keytool -printcert -file ca_cert.cer | egrep Issuer \
| cut -d ',' -f 2
- console print pfx certificate info
openssl pkcs12 -in $radius_ecc_pfx.pfx -clcerts -out ecc_radius_cert.pem -nokey
res=“$(ipcalc -c -6 $ipv6_addr 2>/dev/null)"
- check status of radius database:
mysql -uradius —password=“xx” -e “USE radius;”
mysql -uroot —password=‘xxx’ radius < radius_scripts_path/schema.sql 2>/dev/null
ssh -o TCPKeepAlive=yes -o ConnectTimeout=30 -o StrictHostKeyChecking=no \
-i /root/.ssh/konw id_rsa 192.168.234.2 "vim-cmd vmsvc/power.on vmid”
网友评论