Shulou(Shulou.com)06/01 Report--

This article will explain in detail how linux prevents the back door of SSH. The editor thinks it is very practical, so I share it with you as a reference. I hope you can get something after reading this article.

SSH back door

Many times, my site needed someone's remote support, but he was blocked by the company's fire prevention. Few people realize that if you can reach the outside through a firewall, you can easily let in external information. From the original intention, this is called "smashing a hole in the firewall". I call it the SSH back door. In order to use it, you must have a machine that acts as an intermediary to connect to the Internet. In this example, such a machine is called blackbox.example.com. The machine behind the corporate firewall is called ginger. The machines supported by this technology are called tech. Figure 4 illustrates the setup process.

Figure 4. Smash a hole in the firewall

Here are the steps:

Check what is allowed, but make sure you ask the right person. Most people are worried that you have opened the firewall, but they do not understand that it is fully encrypted. Moreover, the external machine must be cracked in order to enter the company. However, you may belong to the "aggressive" type. Make your own judgment in the way you should choose, but don't complain about others when you don't like it.

Use the-R flag to connect from ginger to blackbox.example.com via SSH. Suppose you are the root user on ginger, and tech needs the root user ID to help use the system. Use the-R flag to forward the description of port 2222 on blackbox to port 22 on ginger. This sets the SSH channel. Note that only SSH traffic can enter ginger: you don't put ginger on unprotected Internet. You can do this using the following syntax:

~ # ssh-R 2222:localhost:22 thedude@blackbox.example.com

After entering blackbox, you just need to stay logged in. I always enter the following command:

Thedude@blackbox:~$ while [1]; do date; sleep 300; done

Keep the machine busy. Then minimize the window.

Now instruct your friends on tech to connect to blackbox using SSH without using any special SSH tags. But you have to give them the password:

After root@tech:~# ssh thedude@blackbox.example.com tech is on blackbox, you can connect to ginger from SSH using the following command: thedude@blackbox:~$: ssh-p 2222 root@localhost

Tech prompts for a password. The root password of ginger should be entered. Now you and the support from tech can work together and solve the problem. You even need to use the screen together!

This is the end of the article on "how to prevent linux from SSH backdoor". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.