{"id":311,"date":"2020-05-14T16:24:29","date_gmt":"2020-05-14T14:24:29","guid":{"rendered":"https:\/\/anjo.pt\/wp\/keyword-oracle\/?p=311"},"modified":"2020-05-14T16:36:26","modified_gmt":"2020-05-14T14:36:26","slug":"ssh-tips-tricks","status":"publish","type":"post","link":"https:\/\/anjo.pt\/keyword-oracle\/2020\/05\/14\/ssh-tips-tricks\/","title":{"rendered":"SSH tips & tricks"},"content":{"rendered":"\n

These days I’ve been playing with Oracle Cloud and Azure. It is best practice to have a bastion or jumphost server with public IP address and all the rest on private networks, only accessible internally.<\/p>\n\n\n\n

Also, there is no use of passwords and only the ssh public key of the user is located on the servers. Usually this is what we try to do:<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

To start with, I use MobaXterm<\/a> to access my servers. There I’ve configured my SSH private keys to be loaded:<\/p>\n\n\n\n

\"MobaXterm<\/figure>\n\n\n\n

Connect to jumphost server and take SSH key<\/h2>\n\n\n\n

Use the -A option when connecting:<\/p>\n\n\n\n

ssh -A opc@bastion-server<\/pre>\n\n\n\n
 Then you can do ssh to the next server in the private subnet without password. Example of not using and using this option:<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Connect to private server via jumphost directly<\/h2>\n\n\n\n
For this we use both -A and -J options:<\/p>\n\n\n\n
ssh -A -J opc@bastion-server opc@private-server<\/pre>\n\n\n\n
\"\"<\/figure>\n\n\n\n
SCP directly to private server via JumpHost<\/h2>\n\n\n\n
Here we have to use a ProxyJump option of scp in this case:<\/p>\n\n\n\n
scp -o 'ProxyJump opc@bastion-server' file.zip opc@private-server:~\/<\/pre>\n\n\n\n
\"\"<\/figure>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
These days I’ve been playing with Oracle Cloud and Azure. It is best practice to have a bastion or jumphost server with public IP address and all the rest on private networks, only accessible internally. Also, there is no use of passwords and only the ssh public key of the user is located on the […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[53,51,35,52],"tags":[],"class_list":["post-311","post","type-post","status-publish","format-standard","category-azure","category-cloud","category-linux","category-oci","czr-hentry"],"_links":{"self":[{"href":"https:\/\/anjo.pt\/keyword-oracle\/wp-json\/wp\/v2\/posts\/311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/anjo.pt\/keyword-oracle\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/anjo.pt\/keyword-oracle\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/anjo.pt\/keyword-oracle\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/anjo.pt\/keyword-oracle\/wp-json\/wp\/v2\/comments?post=311"}],"version-history":[{"count":2,"href":"https:\/\/anjo.pt\/keyword-oracle\/wp-json\/wp\/v2\/posts\/311\/revisions"}],"predecessor-version":[{"id":319,"href":"https:\/\/anjo.pt\/keyword-oracle\/wp-json\/wp\/v2\/posts\/311\/revisions\/319"}],"wp:attachment":[{"href":"https:\/\/anjo.pt\/keyword-oracle\/wp-json\/wp\/v2\/media?parent=311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/anjo.pt\/keyword-oracle\/wp-json\/wp\/v2\/categories?post=311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/anjo.pt\/keyword-oracle\/wp-json\/wp\/v2\/tags?post=311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}