openssh - reverse shell
goals:
- connect with
autossh
- start on boot with
crontab
|systemd.timer
client side - install software & create keypair
## create 4096 bit ssh rsa keypair
> ssh-keygen -b 4096
## install autossh
> pkg_add autossh
server side - edit /etc/ssh/sshd_conf
# allowed command must be configured in /root/.ssh/authorized_keys
PermitRootLogin forced-commands-only
# allow connect from forwarded ports
GatewayPorts yes
# seconds before sending a null packet to the client
ClientAliveInterval 600
edit /root/.ssh/authorized_keys
to allow ssh tunnel only
## one command per line
command="echo 'Tunnel only!'" ssh-rsa AAAA...
client side - testing forward port 22
, 80
& 443
## autossh
> autossh -M 30060 -N \
-R 22:localhost:22 \
-R 80:localhost:80 \
-R 443:localhost:443 \
-o "ServerAliveInterval 30" \
-o "ServerAliveCountMax 3" \
-p222 \
root@example.com
client side - autostart on boot with crontab
edit /etc/cron.d/autossh
@reboot autossh -M 30060 -N -R 22:localhost:22 -R 80:localhost:80 -R 443:localhost:443 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -p222 root@example.com
done
use that part if you want to use only ports higher than
1023
server side - add user with useradd
but without password
> useradd -m tunnel
server side - edit /home/tunnel/.ssh/authorized_keys
to allow ssh tunnel only
## one command per line
command="echo 'Tunnel only!'" ssh-rsa AAAA...
05-12-2020