HTTP over SSH

November 1, 2008 Leave a comment

It’s easier than you might think.

socks is actually built into openSSH, so its really a trivial matter to setup a local proxy.

$ ssh -D 12345 myuser@remote_ssh_server

will open up the port 12345 on localhost as a socks proxy and all your traffic can be specified to go through the tunnel and out of remote_ssh_server

For firefox 3, go to Edit->Prefrences->Advanced->Network->Settings

and set it to use a Manual Proxy, localhost, port 12345 socksv5

Filed under Linux, Network Tagged with ,

Analysis of a proposed key-management scheme for DSN

October 6, 2008 Leave a comment

Filed under Network Tagged with

rdp over ssh into your office box

July 21, 2008 Leave a comment

My girlfriend’s company allows her to telecomute, but $AWESOME_COMPUTER_GUY is using XAUTH authentication vpn to rdp to their server, and from there to rdp again to her desktop.  Brigette had the good idea to use some sort of version control, but that’s not happening “nobody uses that”. She’s trying to telecomute from her Home box to her hard-to-access work box.

Anyway, here’s my idea to speed up rdp.  She may or may not try it, but I thought I’d write it out. It probably will work, and should work no matter what crap is in your way, as long as you have internet egress access you should be able to reverse tunnel out.

  1. Setup sshd server from home
  2. From work, get putty.

Go to the ssh->tunneling tab and enter the remote and Accept Connections from other hosts. Enter your ip information. It should look like the following.

Then click add.

Refer to http://the.earth.li/~sgtatham/putty/0.60/htmldoc/Chapter3.html#using-port-forwarding for more information

You may also want to add compresssion, probably depending on the computer power you have available vs your bandwidth.  This is available in the ssh section.

Now connect to your home box.  Leave this connection on, as you need it to connect back in.  Idiot note: be sure you have rdp enabled properly.

3.  From Home, get an rdp client.  Now connect to localhost->port you selected above.  In our case it was 3389.  This is now forwarded to your work box (hopefully).

Now I don’t know if she’ll use this or not, but at least it’s nice to have better (if not great) solutions to try.

Filed under Network Tagged with , ,

wget login pages

May 15, 2008 Leave a comment

how do you scrape a page that you have to login to get to? Well, one way is to save the cookies and use –post-data, though this depends on how the session is saved.

$ wget http://site/login/index.php –post-data “username=user&password=pass” –save-cookies=cookies.txt –keep-session-cookies

then to grab other pages

$ wget –load-cookies=cookies.txt http://login/someotherpage/index.php

Filed under Network Tagged with

Using smbclient to view public cifs shares

May 7, 2008 Leave a comment

Easy? yes. Trivial? yes.  But I always have to look up the syntax.

smbclient -L //localhost
Password: 
Domain=[MIDEARTH] OS=[Unix] Server=[Samba 3.0.26a]

        Sharename       Type      Comment
        ---------       ----      -------
        IPC$            IPC       IPC Service (Samba 3.0.26a)
        data            Disk      Data
Domain=[MIDEARTH] OS=[Unix] Server=[Samba 3.0.26a]

        Server               Comment
        ---------            -------
        HOBBIT               Samba 3.0.26a

        Workgroup            Master
        ---------            -------
        MIDEARTH             HOBBIT</pre>

Just leave the password empty to do it as guest.  For some reasone I tend to always mix up smbclient and smbmount (depricated, usually mount.cifs now).

Filed under Linux, Network Tagged with , ,

Encrypt a message with RSA in python

May 5, 2008 3 Comments

For some people in my class this was easy, and others it was difficult.  Some people have spent a good 40 hours on this, so I thought I’d post some code to help out.  There isn’t much documentation on the crypto modules.

server.py

#!/usr/bin/env python

from Crypto.Hash import MD5
from Crypto.PublicKey import RSA
from Crypto.Util import randpool

import pickle
import socket
import sys

#generate the RSA key
blah = randpool.RandomPool()
RSAKey = RSA.generate(512, blah.get_bytes)

RSAPubKey = RSAKey.publickey()

#listen for a connection
host = ''
port = 12345

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
s.bind((host,port))
s.listen(1)

print "Server is running on port %d; press Ctrl-C to terminate." % port

while 1:
  clientsock, clientaddr = s.accept()
  print "got connection from ", clientsock.getpeername()
  #send the public key over
  clientsock.send(pickle.dumps(RSAPubKey))

  rcstring = ''
  while 1:
    buf = clientsock.recv(1024)
    rcstring += buf
    if not len(buf):
      break
  clientsock.close()
  #done with the network stuff, at least for this connection

  #encmessage is the cipher text
  encmessage = pickle.loads(rcstring)

  print RSAKey.decrypt(encmessage)

client.py
#!/usr/bin/env python
from Crypto.Hash import MD5
from Crypto.PublicKey import RSA
from Crypto.Util import randpool

import pickle
import socket

host = 'localhost'
port = 12345

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

s.connect((host, port))

#this should loop around until a delimeter is read
#or something similar
rcstring = s.recv(2048)

#this object is of type RSAobj_c, which only has public key
#encryption is possible, but not decryption
publickey = pickle.loads(rcstring)

print publickey

#encrypt the top secret data
secretText = publickey.encrypt("Hello, this is Rich.", 32)

s.sendall(pickle.dumps(secretText))
s.close()

Filed under Network, Programming Tagged with , ,

Older posts

Newer posts

Follow

Get every new post delivered to your Inbox.