Question

2

Creating a persistent reverse SSH connection from remote server to home client

rated 0 times [ 2] [ 0] / answers: 1 / hits: 1831 / 1 Year ago, sun, may 7, 2023, 2:30:51

I have a home client I would like to connect to over SSH from my remote Ubuntu server. currently I create a cron job that persistently calls out from my home client to my remote server.

So far I have tried: ssh -R 2222:localhost:22 root@<server-ip> -p 2222 and ssh -L 2222:localhost:22 root@<server-ip> -p 2222 in a cron job.

I listen on the server using nc -lvnp 2222 and I get a connection message saying Connection received on 104.136.5.228 63119 SSH-2.0-OpenSSH_8.8p1 Debian-1

I have also tried using the private key of my server to login through SSH. From the client: ssh-copy-id root@<server-ip> and ssh -i id_rsa root@<server-ip>.

Server response: root@<server-ip>: Permission denied (publickey).

But a reverse shell does not present itself. Any help in the right direction is greatly appreciated.

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

gavgenerati

Add To Favorites

Follow

Total Points: 120

Total Questions: 126

Total Answers: 119

Location: Marshall Islands

Member since Wed, Feb 9, 2022

2 Years ago

gavgenerati questions

1 How to access /var/lib/mysql folder in ubuntu

Wed, Jun 22, 22, 17:24, 2 Years ago

1 Why does apt-get install recommended packages by default?

Fri, Jul 30, 21, 04:32, 3 Years ago

1 Allocate more disk space to Ubuntu

Fri, Jan 14, 22, 14:20, 2 Years ago

1 Ubuntu Linux doesn't recognise my external monitor on USB-C

Tue, Jul 27, 21, 19:05, 3 Years ago

1 accidentally deleted EFI partition, system is still running!

Tue, Aug 2, 22, 21:07, 2 Years ago

View All

answered 1 Year ago musining · Accepted Answer

If you want to make a ssh connection to your home-host, you need a ssh daemon running on it:

# assuming that ssh server is already installed on home-host

home-host $ sudo systemctl start sshd

You can create a persistent reverse ssh tunnel between home and remote hosts with:

home-host $ ssh -Nf -R 2222:localhost:22  remote-host

-Nf will put ssh client to background without execute any command on server.

-R 2222:localhost:22 will allocate a socket to listen at localhost:2222/tcp on remote-host. This socket will forward all packets to home-host:22/tcp via the secure connection established.

Now, connected in a terminal on remote-host, you can connect to ssh daemon running on home-host with:

remote-host $ ssh localhost -p 2222

Note that you can use this technique to connect to any network service running on home-host, not only sshd. For example, if you have a web server running on 80/tcp on home-host, it can be tunneled with:

home-host $ ssh -Nf -R 8080:localhost:80  remote-host

So, on remote-host, the magic happens with:

remote-host $ wget http://localhost:8080