OpenSSH_4.7p1, reverse shell
Hayder Mouhammed
hmouhammed at gmail.com
Wed Apr 2 07:33:13 EST 2008
Greetings,
I am using OpenSSH 4.7 and trying to use a middle machine to do reverse
shell. The error I run into is the destination says getsockopt TCP_NODELAY:
Connection reset by peer.
The setup:
3 machines (we can call them A,B,C) with QNX Neutrino
I would like machine C to be the destination. So we have A can talk to B,
and B can talk to C, but A can not talk to C directly.
What I am trying:
On C: ssh -N -R 10000:localhost:22 root at machineB
On B: running sshd
On A: ssh root at machineB -p 10000
>From my understanding when A connect to B it will forward all to port 10000
which has access to port 22 on C.
When I run the "On A" command I receive the error "getsockopt TCP_NODELAY:
Connection reset by peer" on machine C and "ssh_exchange_identification:
Connection closed by remote host" from machine A. I can SSH on A to B
without using the -p just fine. My sshd_config is below:
Many thanks for any suggestions you may have.
--H
#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
HostKey /etc/openssh/ssh_host_key
# HostKeys for protocol version 2
HostKey /etc/openssh/ssh_host_rsa_key
HostKey /etc/openssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768
# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile /root/.ssh/authorized_keys2
# For this to work you will also need host keys in
/etc/openssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCreds yes
# Set this to 'yes' to enable PAM authentication (via challenge-response)
# and session processing. Depending on your PAM configuration, this may
# bypass the setting of 'PasswordAuthentication'
#UsePAM yes
AllowTcpForwarding yes
GatewayPorts yes
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
KeepAlive yes
UseLogin yes
UsePrivilegeSeparation no
#PermitUserEnvironment no
#Compression yes
ClientAliveInterval 0
ClientAliveCountMax 99999
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
# no default banner path
#Banner /some/path
# override default of no subsystems
Subsystem sftp /opt/libexec/sftp-server
More information about the openssh-unix-dev
mailing list