From 9f15bd008ef1f37126ec8e03e9695b06941c4757 Mon Sep 17 00:00:00 2001
From: skyper <5938498+SkyperTHC@users.noreply.github.com>
Date: Mon, 16 Oct 2023 21:03:48 +0100
Subject: [PATCH] Update README.md
---
README.md | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index a2b9842..2b3213d 100644
--- a/README.md
+++ b/README.md
@@ -408,7 +408,7 @@ kali@local-kali$ ssh -J c2@10.25.237.119 jumpuser@192.168.5.135
**2.vi SSHD as user land**
-It is possible to start another SSHD on any port as non-root user and use this for connection multiplexing or forwarding (and without logging):
+It is possible to start a SSHD server as a non-root user and use this to multiplex or forward TCP connection (without logging and when the systemwide SSHD forbids forwarding/multiplexing):
```sh
# On the server, as non-root user 'joe':
mkdir -p ~/.ssh 2>/dev/null
@@ -418,10 +418,14 @@ cat sshd_key
$(command -v sshd) -f /dev/null -o HostKey=$(pwd)/sshd_key -p 31337 # -Dvvv
```
```sh
-# On the client, copy the sshd_key from the server:
-ssh -i sshd_key -p 31337 joe@1.2.3.4
+# On the client, copy the sshd_key from the server
+# and proxy connection via the server:
+ssh -D1080 -i sshd_key -p 31337 joe@1.2.3.4
+# curl -x socks5h://0 ipinfo.io
```
+[SSF](https://securesocketfunneling.github.io/ssf/#home) is an alternative way to multiplex TCP over TLS.
+
---
## 3. Network