OpenSSH_4.7p1, reverse shell
This is a discussion on OpenSSH_4.7p1, reverse shell within the OpenSSH Development forums, part of the Networking and Network Related category; Greetings, I am using OpenSSH 4.7 and trying to use a middle machine to do reverse shell. The error ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-01-2008
|
|||
|
|||
OpenSSH_4.7p1, reverse shell
Greetings,
I am using OpenSSH 4.7 and trying to use a middle machine to do reverse shell. The error I run into is the destination says getsockopt TCP_NODELAY: Connection reset by peer. The setup: 3 machines (we can call them A,B,C) with QNX Neutrino I would like machine C to be the destination. So we have A can talk to B, and B can talk to C, but A can not talk to C directly. What I am trying: On C: ssh -N -R 10000:localhost:22 root@machineB On B: running sshd On A: ssh root@machineB -p 10000 >From my understanding when A connect to B it will forward all to port 10000 which has access to port 22 on C. When I run the "On A" command I receive the error "getsockopt TCP_NODELAY: Connection reset by peer" on machine C and "ssh_exchange_identification: Connection closed by remote host" from machine A. I can SSH on A to B without using the -p just fine. My sshd_config is below: Many thanks for any suggestions you may have. --H #Port 22 #Protocol 2,1 #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 HostKey /etc/openssh/ssh_host_key # HostKeys for protocol version 2 HostKey /etc/openssh/ssh_host_rsa_key HostKey /etc/openssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging #obsoletes QuietMode and FascistLogging #SyslogFacility AUTH #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile /root/.ssh/authorized_keys2 # For this to work you will also need host keys in /etc/openssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCreds yes # Set this to 'yes' to enable PAM authentication (via challenge-response) # and session processing. Depending on your PAM configuration, this may # bypass the setting of 'PasswordAuthentication' #UsePAM yes AllowTcpForwarding yes GatewayPorts yes #X11Forwarding no #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes KeepAlive yes UseLogin yes UsePrivilegeSeparation no #PermitUserEnvironment no #Compression yes ClientAliveInterval 0 ClientAliveCountMax 99999 #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 # no default banner path #Banner /some/path # override default of no subsystems Subsystem sftp /opt/libexec/sftp-server _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org https://lists.mindrot.org/mailman/li...enssh-unix-dev 
|
Linear Mode
