Let's say you have two systems that can connect to the same server. Client1 contains a private key and its SSH agent is forwarded to the server. Now you want to use a private key in that agent on Client2. There are ofcourse some security concerns when using SSH Agent Forwarding, so please do a proper security assessment before using any of this information.
------------
| SSH Server |
------------
/a. \b.
----------- ---------- -------------
| Client 1 | | Client 2 | c. | Auth.Server |
| |= | | |----| (eg Github) |
| | prv.key | | ssh/git/ | -------------
| O | | other |
----------- ----------
a. Setup an SSH connection from Client1 to the server, with SSH Agent Forwarding.
On to the server find the socket you want to use. Assuming the sockets are in /tmp/ssh-* and named agent.*, you can use:
server> for SOCK in /tmp/ssh-*/agent*; do export SSH_AUTH_SOCK=$SOCK; echo $SSH_AUTH_SOCK; ssh-add -l; echo; done
b. Copy or note the path of the socket that has the key you'd like to use. Then connect to the server, from client2, and specify a socket forward:
client2> ssh -o StreamLocalBindUnlink=yes -L/tmp/agent-server:/tmp/ssh-S0ck3t/agent.12345 server.example
The StreamLocalBindUnlink=yes allows ssh to remove the local socket (/tmp/agent-server) if it already exists.
/tmp/agent-server is the name of the local socket, you can choose this freely.
/tmp/ssh-S0ck3t/agent.12345 is the copied or noted path of the socket on the server.
c. Keep the SSH connection to the server open. In another terminal you can now use the socket by specifying it in SSH_AUTH_SOCKET:
client2> export SSH_AUTH_SOCK=/tmp/agent-server
client2> ssh-add -l
I've made a script to help finding and selecting the right socket. You can find it on GitHub:
https://gist.github.com/qistoph/9e16577788e0c28c9fd27ed09b4fbdd2
Showing posts with label networking. Show all posts
Showing posts with label networking. Show all posts
Friday, July 21, 2017
Friday, March 30, 2012
Arduino CDP viewer - part 2
Following up on Arduino CDP viewer I have updated CdpSniffino on Github.
The retrieved information is now displayed on the attached LCD.
Issues regarding the unexplained freezes seem to be solved by not using SPI and I²C at the same time. Since the Arduino combined with the Ethernet Shield, still has enough free pins to connect the LCD, I haven't dug into this issue and just control the LCD with parallel connections.
The retrieved information is now displayed on the attached LCD.
Issues regarding the unexplained freezes seem to be solved by not using SPI and I²C at the same time. Since the Arduino combined with the Ethernet Shield, still has enough free pins to connect the LCD, I haven't dug into this issue and just control the LCD with parallel connections.
Details on connecting the LCD can be found on the Arduino website - LiquidCrystal Tutorial.
I'm using pins 8, 7, 6, 5, 4, 3 and 2. These pins are configured in lcd_control.cpp.
To read two buttons, I'm using my own DebounceButton library, which you'll have to download to use the latest CdpSniffino too.
One button is used to scroll through the retrieved fields, and the other to scroll through the data in the field (when it's too long to display on the LCD).
As always, suggestions are welcome, but I currently don't have much time to implement new features.
I'm very interested to hear if you're using this tool and what you're using it for. So, if you are, please leave a comment.
Saturday, March 3, 2012
Arduino CDP viewer
Finally having a switch that sends CDP packets at home, I was looking for more information about the workings of this very informative protocol.
CDP has saved me a lot time on finding the switch to configure, while working with Cisco IP telephones, and improper configured switches.
Wondering how I'd be able to gather CDP information with a small device like a cable tester, I came up with this Arduino CDP Sniffer - CdpSniffino. The CDP implementation is pretty complete, but I'm still working on a nice way to display the information.
You'll need an Arduino, and the Arduino Ethernet shield (or compatible network interface).
These are some idea's of how the information could be displayed on an LCD display (which I have laying around), using sample data from a Cisco IP phone sending CDP packets:
The LCD support is currently a work in progress, and somehow my Arduino freezes after running for a few minutes. On Github, checkout commit 020bf1e257, for a more stable, Serial-output only, version.
If you have any feature or improvement suggestions, please, let me know in the comments below.
Update: continued in Arduino CDP viewer - part 2
Wondering how I'd be able to gather CDP information with a small device like a cable tester, I came up with this Arduino CDP Sniffer - CdpSniffino. The CDP implementation is pretty complete, but I'm still working on a nice way to display the information.
You'll need an Arduino, and the Arduino Ethernet shield (or compatible network interface).
These are some idea's of how the information could be displayed on an LCD display (which I have laying around), using sample data from a Cisco IP phone sending CDP packets:
The LCD support is currently a work in progress, and somehow my Arduino freezes after running for a few minutes. On Github, checkout commit 020bf1e257, for a more stable, Serial-output only, version.
If you have any feature or improvement suggestions, please, let me know in the comments below.
Update: continued in Arduino CDP viewer - part 2
Subscribe to:
Posts (Atom)