如何从Shell脚本中反转SSH

时间:2014-05-16 22:42:05

标签: linux ssh openssh openwrt

下午好,

我正在尝试使用shell脚本建立反向SSH连接。

下面是我的调用命令,从客户端到主机,再到客户端:(重要数据替换为xxxxxx)

ssh -o StrictHostKeyChecking=no -o ConnectTimeout=15 -R 19999:localhost:22 admin@xx.xxx.xx.xx -v "sshpass -p xxxxxxx ssh -f -N -q -L 0.0.0.0:81:localhost:80 root@localhost -p 19999"

显示以下是来自SSH和Netstat命令的输出 不幸的是,连接确实出现在Netstat上,它显示为TIME_WAIT而不是ESTABLISHED,我无法从另一台机器访问客户端上的端口80(通过访问主机上的端口81)

这是建立反向SSH连接的正确方法,而无需在主机上键入任何内容吗?

如果我手动运行这两个命令

  ssh -o StrictHostKeyChecking=no -o ConnectTimeout=15 -R 19999:localhost:22 dmin@xx.xxx.xx.xx -v 


sshpass -p xxxxxxx ssh -f -N -q -L 0.0.0.0:81:localhost:80 root@localhost -p 19999

一切正常,一旦它连接到主机,我没有任何问题,但是我无法通过脚本文件这样做。

编辑:我尝试了在客户端和命令的主机部分使用-f -N和-q的不同组合,但我还没有取得任何成功的结果。我得到的最好的方法是显示客户端的固件欢迎消息

执行命令后的Netstat输出:

Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 xxx.xxxxxxxxx.myvzw.com:xxxx xxxx.us-west-1.compute.xxxxx.com:ssh TIME_WAIT
tcp        0      0 localhost:49553         localhost:ssh           TIME_WAIT
udp        0      0 xxx.xxxxxxxxx.myvzw.com:xxxx xxxxxxx:ntp          ESTABLISHED
Active UNIX domain sockets (w/o servers)

来自顶级SSH命令的调试输出

    OpenSSH_6.6, OpenSSL 1.0.1f 6 Jan 2014
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Connecting to xx.xxx.xxx.xx [xx.xxx.xxx.xx] port 22.
    debug1: fd 3 clearing O_NONBLOCK
    debug1: Connection established.
    debug1: permanently_set_uid: 0/0
    debug1: identity file /root/.ssh/id_rsa type -1
    debug1: identity file /root/.ssh/id_rsa-cert type -1
    debug1: identity file /root/.ssh/id_dsa type -1
    debug1: identity file /root/.ssh/id_dsa-cert type -1
    debug1: identity file /root/.ssh/id_ecdsa type -1
    debug1: identity file /root/.ssh/id_ecdsa-cert type -1
    debug1: identity file /root/.ssh/id_ed25519 type -1
    debug1: identity file /root/.ssh/id_ed25519-cert type -1
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_6.6
    debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0p1 Debian-4
    debug1: match: OpenSSH_6.0p1 Debian-4 pat OpenSSH* compat 0x04000000
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-ctr hmac-md5 none
    debug1: kex: client->server aes128-ctr hmac-md5 none
    debug1: sending SSH2_MSG_KEX_ECDH_INIT
    debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    debug1: Server host key: ECDSA xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
    debug1: Host 'xx:xxx:xxx:xx' is known and matches the ECDSA host key.
    debug1: Found key in /root/.ssh/known_hosts:5
    debug1: ssh_ecdsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: Roaming not allowed by server
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey
    debug1: Next authentication method: publickey
    debug1: Trying private key: /root/.ssh/id_rsa
    debug1: key_parse_private2: missing begin marker
    debug1: read PEM private key done: type RSA
    debug1: Authentication succeeded (publickey).
    Authenticated to xx:xxx:xxx:xx ([xx:xxx:xxx:xx]:22).
    debug1: Remote connections from LOCALHOST:19999 forwarded to local address localhost:22
    debug1: channel 0: new [client-session]
    debug1: Requesting no-more-sessions@openssh.com
    debug1: Entering interactive session.
    debug1: remote forward success for: listen 19999, connect localhost:22
    debug1: All remote forwarding requests processed
    debug1: Sending command: sleep 5; sshpass -p xxxxxxx ssh -f -N -q -L 0.0.0.0:1195:localhost:1194 root@localhost -p 19999
    debug1: client_input_channel_open: ctype forwarded-tcpip rchan 3 win 2097152 max 32768
    debug1: client_request_forwarded_tcpip: listen localhost port 19999, originator ::1 port 38767
    debug1: connect_next: host localhost ([127.0.0.1]:22) in progress, fd=7
    debug1: channel 1: new [::1]
    debug1: confirm forwarded-tcpip
    debug1: channel 1: connected to localhost port 22
    debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
    debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
    debug1: channel 0: free: client-session, nchannels 2
    debug1: channel 1: free: ::1, nchannels 1
    Transferred: sent 4768, received 4176 bytes, in 10.4 seconds
    Bytes per second: sent 459.7, received 402.6
    debug1: Exit status 0

谢谢,

1 个答案:

答案 0 :(得分:0)

我似乎能够通过应用一些" sleep"来建立反向连接。命令

以下是我的命令

ssh -o StrictHostKeyChecking=no -o ConnectTimeout=15 -f -R 19999:localhost:22 admin@XX.XXX.XXX.XX -v "sleep 5; sshpass -p XXXXXX ssh -L 0.0.0.0:81:localhost:81 root@localhost -p 19999 -v \"sleep 120\" sleep 120"

所以基本上我在完成第二次连接之前将ssh进程置于休眠状态,并在之后立即将第二个连接置于休眠状态。

有趣的是,连接在120秒后不会停止,它会保持不变。如果有人愿意解释为什么会这样,或者有更好的方法,请回复 感谢

相关问题
最新问题