--telnet + encryption --Short for Secure Shell
What is SSH? | An IT terminology dictionary that makes you feel like you understand even if you don't understand it
--Technology to ssh to another server using a relay server --Used when sshing using a bastion server to a server that cannot be accessed directly --The local <-> relay server is encrypted, but the relay server <-> destination server is not encrypted.
A story about SSH port forwarding --Qiita Fun way to dig a tunnel (options: -L, -R, -f, -N -g) — Kyoto University Microcomputer Club (KMC) /2013/12/09/tunnel2.html)
#Local to remote ssh <Relay ip> -L <Local port>:<Purpose ip>:<Destination port> -N #Remote to local ssh <Former ip> -R <Former ip>:<Purpose ip>:<Destination port> -N
--N: Do not open the ssh destination shell. Use when you do not want to start the shell of the relay server for port forwarding. --f: Make ssh a background process. --g: Allow access from external hosts to locally forwarded tunnel ports --v: Display debug messages (verbose mode). ** Very useful when debugging ** --i: Specify the private key used for connection --t: You can assign a simulated terminal when executing ssh (Shortcut when using ssh via stepping stone --Qiita)
Fun way to dig a tunnel (options: -L, -R, -f, -N -g) — Kyoto University Microcomputer Club (KMC) /2013/12/09/tunnel2.html) [[Ssh] command-Log in to a remote machine and execute the command: Linux basic command Tips (80)[email protected]](https://www.atmarkit.co.jp/ait/articles/1701/26/ news015.html # opt)
--The private key specification in the i option will look at
~ / .ssh / id_rsa by default.
-That is, the following are equivalent
ssh -i ~/.ssh/id_rsa example.com ssh example.com
ssh-keygen -t rsa -b 4096 -C “Comment”
[Your SSH Keys are made incorrectly-Qiita](https://qiita.com/suthio/items/2760e4cff0e185fe2db9#%E6%96%B0%E3%81%97%E3%81%84ssh-key % E3% 81% AE% E4% BD% 9C% E6% 88% 90)]
--You will be asked for the name of the key after executing the command
--By default, the private key is created in
$ HOME / .ssh / id_rsa and the public key is created in
$ HOME / .ssh / id_rsa.pub.
--The side that accepts ssh is called the ssh server.
--The ssh server needs to write the public key used for authentication in
$ HOME / .ssh / authorized_keys
Bad remote forwarding specification
--Appears when the order of ssh tunnel options is different
ssh -i <pem file> mid-host -R <local-port>: <target-server-address>: <target-port> is in the correct order
――It seems that it will come out in any other order
Permission denied (publickey,gssapi-keyex,gssapi-with-mic)
--Appeared when the file name of the key specified by the i option is different
-authorized_keys — Kyoto University Microcomputer Club (KMC)