Rename ssh article to remote-shell.
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/remote-shell.rst Sat Dec 26 13:06:11 2009 +0200
@@ -0,0 +1,88 @@
+-*- mode: outline; coding: utf-8 -*-
+
+* ssh.
+
+** ssh server on cygwin.
+
+ * Инсталлируем стандартный набор утилит Cygwin + пакет openssh.
+ * Устанавливаем переменную окружения CYGWIN=binmode tty ntsec.
+ Это можно сделать глобально или через cygwin.bat (только для клиента).
+ set CYGWIN=binmode tty ntsec
+ * Создать пользователя (XXX как сделать чтобы этот пользователь не мог логиниться?),
+ например с именем user.
+ * Обновить /etc/passwd
+ $ mkpasswd -l -u user >>/etc/passwd
+ или
+ $ mkpasswd -l >/etc/passwd
+ для обносления всех записей.
+ * В приглашении bash:
+ $ mkdir -p /home/user
+ $ ssh-host-config -y
+ Стартуем сервер:
+ $ net start sshd
+ или
+ $ cygrunsrv -S sshd
+ * На удаленной машине логинимся:
+ $ ssh 192.168.1.26 -l user
+ * Остановить сервер
+ $ cygrunsrv -E sshd
+
+*** Запускаем SSH server на правах произвольного пользователя.
+
+ * Создаем пользователя, например с именем user, задаем ему пароль,
+ права (т.е. в какие группы будет входить) и т.д., пользователя не блокируем.
+ * В консоле MMC добавляем оснастку "Параметры безопасности.". Модифицируем параметры:
+
+ "Параметры безопасности."->"Локальные политики."->"Назначение прав пользователя."
+ ->"Вход в качестве службы."->добавить 'user'.
+
+ "Параметры безопасности."->"Локальные политики."->"Назначение прав пользователя."
+ ->"Отклонить локальный вход."->удалить 'user' (если был установлен).
+
+ XXX "Принудительное удаленнон завершение."
+
+** ssh client.
+
+*** SSH client on Windows.
+
+**** ssh from Cygwin.
+
+ * Инсталируем openssh из Cygwin.
+ * В приглашении bash набираем
+ $ ssh user@192.168.1.38
+ или
+ $ ssh -l user 192.168.1.38
+
+** Reverse SSH Tunneling
+
+Have you ever wanted to ssh to your Linux box that sits behind NAT? Now you can with
+reverse SSH tunneling. This document will show you step by step how to set up reverse SSH
+tunneling. The reverse SSH tunneling should work fine with Unix like systems.
+
+Let's assume that Destination's IP is 192.168.20.55 (Linux box that you want to access).
+
+You want to access from Linux client with IP 138.47.99.99.
+Destination (192.168.20.55) <- |NAT| <- Source (138.47.99.99)
+
+SH from the destination to the source (with public ip) using command below:
+
+ $ ssh -R 19999:localhost:22 sourceuser@138.47.99.99
+
+port 19999 can be any unused port.
+Now you can SSH from source to destination through SSH tuneling:
+
+ $ ssh localhost -p 19999
+
+3rd party servers can also access 192.168.20.55 through Destination (138.47.99.99).
+Destination (192.168.20.55) <- |NAT| <- Source (138.47.99.99) <- Bob's server
+
+From Bob's server:
+
+ $ ssh sourceuser@138.47.99.99
+
+After the sucessful login to Source:
+
+ $ ssh localhost -p 19999
+
+The connection between destination and source must be alive at all time. Tip: you may run
+a command (e.g. watch, top) on Destination to keep the connection active.
--- a/ssh.rst Sat Dec 26 13:05:34 2009 +0200
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,86 +0,0 @@
--*- mode: outline; coding: windows-1251 -*-
-
-* SSH server on cygwin.
-
- * Cygwin + openssh.
- * CYGWIN=binmode tty ntsec.
- cygwin.bat ( ).
- set CYGWIN=binmode tty ntsec
- * (XXX ?),
- user.
- * /etc/passwd
- $ mkpasswd -l -u user >>/etc/passwd
-
- $ mkpasswd -l >/etc/passwd
- .
- * bash:
- $ mkdir -p /home/user
- $ ssh-host-config -y
- :
- $ net start sshd
-
- $ cygrunsrv -S sshd
- * :
- $ ssh 192.168.1.26 -l user
- *
- $ cygrunsrv -E sshd
-
-** SSH server .
-
- * , user, ,
- (.. ) .., .
- * MMC " .". :
-
- " ."->" ."->" ."
- ->" ."-> 'user'.
-
- " ."->" ."->" ."
- ->" ."-> 'user' ( ).
-
- XXX " ."
-
-* SSH client.
-
-** SSH client on Windows.
-
-*** ssh from Cygwin.
-
- * openssh Cygwin.
- * bash
- $ ssh user@192.168.1.38
-
- $ ssh -l user 192.168.1.38
-
-* Reverse SSH Tunneling
-
-Have you ever wanted to ssh to your Linux box that sits behind NAT? Now you can with
-reverse SSH tunneling. This document will show you step by step how to set up reverse SSH
-tunneling. The reverse SSH tunneling should work fine with Unix like systems.
-
-Let's assume that Destination's IP is 192.168.20.55 (Linux box that you want to access).
-
-You want to access from Linux client with IP 138.47.99.99.
-Destination (192.168.20.55) <- |NAT| <- Source (138.47.99.99)
-
-SH from the destination to the source (with public ip) using command below:
-
- $ ssh -R 19999:localhost:22 sourceuser@138.47.99.99
-
-port 19999 can be any unused port.
-Now you can SSH from source to destination through SSH tuneling:
-
- $ ssh localhost -p 19999
-
-3rd party servers can also access 192.168.20.55 through Destination (138.47.99.99).
-Destination (192.168.20.55) <- |NAT| <- Source (138.47.99.99) <- Bob's server
-
-From Bob's server:
-
- $ ssh sourceuser@138.47.99.99
-
-After the sucessful login to Source:
-
- $ ssh localhost -p 19999
-
-The connection between destination and source must be alive at all time. Tip: you may run
-a command (e.g. watch, top) on Destination to keep the connection active.