From 9f15bd008ef1f37126ec8e03e9695b06941c4757 Mon Sep 17 00:00:00 2001 From: skyper <5938498+SkyperTHC@users.noreply.github.com> Date: Mon, 16 Oct 2023 21:03:48 +0100 Subject: [PATCH] Update README.md --- README.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index a2b9842..2b3213d 100644 --- a/README.md +++ b/README.md @@ -408,7 +408,7 @@ kali@local-kali$ ssh -J c2@10.25.237.119 jumpuser@192.168.5.135 **2.vi SSHD as user land** -It is possible to start another SSHD on any port as non-root user and use this for connection multiplexing or forwarding (and without logging): +It is possible to start a SSHD server as a non-root user and use this to multiplex or forward TCP connection (without logging and when the systemwide SSHD forbids forwarding/multiplexing): ```sh # On the server, as non-root user 'joe': mkdir -p ~/.ssh 2>/dev/null @@ -418,10 +418,14 @@ cat sshd_key $(command -v sshd) -f /dev/null -o HostKey=$(pwd)/sshd_key -p 31337 # -Dvvv ``` ```sh -# On the client, copy the sshd_key from the server: -ssh -i sshd_key -p 31337 joe@1.2.3.4 +# On the client, copy the sshd_key from the server +# and proxy connection via the server: +ssh -D1080 -i sshd_key -p 31337 joe@1.2.3.4 +# curl -x socks5h://0 ipinfo.io ``` +[SSF](https://securesocketfunneling.github.io/ssf/#home) is an alternative way to multiplex TCP over TLS. + --- ## 3. Network