I just recently learned about /dev/tcp, which is a feature of bash. It lets you do network communication in bash. I wanted to ssh directly into a server which was not directly accessible, but only via a gateway server. ssh_config (or $HOME/.ssh/config) has a parameter ProxyCommand, which lets you do exactly this. My problem was that the gateway did not have nc (netcat) installed, and since it was a production server under change control, I could not just install it. I found SSH ProxyCommand without netcat, which solved my problem. It boils down to using
ProxyCommand ssh {gw} 'exec 3<>/dev/tcp/{host}/22; cat <&3 & cat >&3;kill $!'
as a proxy command ({gw} should be replaced with the gateway host, and {host} with the host you want to log in to). Needless to say, placing your SSH public key on the gateway and host makes life a lot easier.
Anyway, I did not know the feature and found the explanation a bit meager, so I googled further, and found
More on Using Bash's Built-in /dev/tcp File (TCP/IP) and
Network Programming with bash.
Both are a quick read and helped me understand /dev/tcp. So there is a lot more you can do with /dev/tcp than just ssh multi-hopping. For example, you could also use it as a port scanner or reverse shell, if you happen to need one and cannot just install the specialized program: /dev/tcp as a weapon.
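Because bash handles /dev/tcp itself and no such file exists on disk, file-access auditing never sees it; on a change-controlled host the practical check is to look for the redirection in recorded command lines. The following is an added example, not code from the original post or the linked articles; the host names, the sample history lines and the function names are constructed for illustration.

```bash
#!/bin/sh
# Added example: flag bash /dev/tcp and /dev/udp redirections in recorded
# command lines (shell history, audit logs) and report protocol, host, port.

# Constructed sample input: hypothetical shell-history lines. The first is
# the post's ProxyCommand with made-up host names filled in.
sample_history() {
cat <<'EOF'
ssh gw.example.net 'exec 3<>/dev/tcp/app01.example.net/22; cat <&3 & cat >&3;kill $!'
ls -l /dev/tty /dev/null
: </dev/tcp/192.0.2.10/5432 && echo "db port open"
exec 5<>/dev/udp/$LOGHOST/514
cat /etc/ssh/ssh_config
EOF
}

# Read command lines on stdin; print "proto host port" for every match.
# Host or port may be a shell variable; those are reported unexpanded.
find_dev_tcp() {
    { grep -oE "/dev/(tcp|udp)/[^/[:space:];'\"]+/[^[:space:];'\"<>&|)]+" || true; } |
        awk -F/ '{ print $3, $4, $5 }'
}

# Exit status 0 when at least one redirection is present, 1 otherwise,
# so the check can gate an alert in a cron job.
has_dev_tcp() {
    [ -n "$(find_dev_tcp)" ]
}

sample_history | find_dev_tcp
```

The pattern matches on the command text only, so a path assembled at run time from separate variables will not be reported.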