Solve the SSH backdoor Problem

Article Title: solves the problem of Linuxssh backdoor. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

Linux ssh backdoors are related to system security. As a Linux system administrator, this problem should be solved in a timely manner. Here we will first introduce this Linux ssh backdoors problem, then, we will introduce the solution to this problem to help the Administrator handle this Linux ssh backdoor.

Many times, my website needs someone's remote support, but he is blocked by the company's fire prevention. Few people realize that, if they can reach the outside through the firewall, they can easily bring in external information. From the original intention, this is called "hitting a hole in the firewall ". I call it an SSH backdoor. To use it, you must have a machine that is used as an intermediary to connect to the Internet. In this example, the machine is called blackbox.example.com. The machine behind the company's firewall is called ginger. The machines supported by this technology are called tech. Explains the setup process.

498) this. style. width = 498; ">
Figure: hitting a hole in the firewall

The procedure is as follows:

1. check what is allowed, but make sure you have the right person. Most people worry that you have enabled the firewall, but they do not understand that this is completely encrypted. Moreover, external machines must be cracked before they can enter the company. However, you may belong to the "dare to do" type. The method you should choose, but do not complain about others when you are not satisfied.

2. Use the-R flag to connect to blackbox.example.com through SSH from ginger. If you are the root user on ginger, tech needs the root user ID to help you use the system. Use the-R flag to forward the description of port 2222 on blackbox to port 22 on ginger. This sets up the SSH channel. Note that only SSH communication can enter ginger: You will not place ginger on unprotected Internet.

You can use the following syntax to perform this operation:

~ # Ssh-R 2222: localhost: 22 thedude@blackbox.example.com

After entering blackbox, you only need to maintain the logon status. I always enter the following command:

Thedude @ blackbox :~ $ While [1]; do date; sleep 300; done

Keep the machine busy. Then the window is minimized.

3. Instruct friends on tech to connect to blackbox through SSH instead of using any special SSH flag. However, you must give them the password:

Root @ tech :~ # Ssh thedude@blackbox.example.com.

4. After tech is on blackbox, you can use the following command to connect to ginger from SSH:

Thedude @ blackbox :~ $: Ssh-p 2222 root @ localhost

5. Tech will prompt you to enter the password. Enter the root password of ginger.

6. Now you can work with tech support to solve the problem. Even the screen needs to be used together!

The above are detailed steps to solve the Linux ssh backdoor problem.