init

2025-08-10 11:04:12 +00:00
commit 728a3db957
20 changed files with 527 additions and 0 deletions
--- a/content/ssh/_index.md
+++ b/content/ssh/_index.md
@@ -0,0 +1,4 @@
+++
+date = '2025-08-10T11:30:43Z'
+title = 'SSH'
+++
--- a/content/ssh/port-forwarding.md
+++ b/content/ssh/port-forwarding.md
@@ -0,0 +1,24 @@
+++
+date = '2025-08-10T11:55:59Z'
+title = 'Port Forwarding'
+++
+
+- `-L` 本地转发（本地访问远程）
+- `-R` 远程转发（远程访问本地，如clash）
+
+```pseudo-shell
+ssh -R <remote_listen_port>:<local_host>:<local_port> <user>@<ssh_server>
+ssh -L [<local_listen_host>]:<local_listen_port>:<remote_host>:<remote_port> <user>@<ssh_server>
+```
+
+<shell-commands-builder-component
+    command="ssh -R ${REMOTE_LISTEN_PORT}:${LOCAL_HOST:-localhost}:${LOCAL_PORT} ${SSH_HOST} ${COMMAND}"
+    variables='[{"name":"REMOTE_LISTEN_PORT","default":"7890"},{"name":"LOCAL_HOST","default":"localhost"},{"name":"LOCAL_PORT","default":"7890"},{"name":"SSH_HOST","required":true},{"name":"COMMAND","default":"sleep infinity"}]'>
+</shell-commands-builder-component>
+
+---
+
+<shell-commands-builder-component
+    command="ssh -L ${LOCAL_LISTEN_PORT}:${REMOTE_HOST:-localhost}:${REMOTE_PORT} ${SSH_HOST} ${COMMAND}"
+    variables='[{"name":"LOCAL_LISTEN_PORT","default":"8080"},{"name":"REMOTE_HOST","default":"localhost"},{"name":"REMOTE_PORT","default":"80"},{"name":"SSH_HOST","required":true},{"name":"COMMAND","default":"sleep infinity"}]'>
+</shell-commands-builder-component>
--- a/content/ssh/ssh-via-gpg.md
+++ b/content/ssh/ssh-via-gpg.md
@@ -0,0 +1,23 @@
+++
+date = '2025-08-10T11:36:00Z'
+title = 'SSH via GPG'
+++
+
+## get gpg key grip
+
+<shell-commands-builder-component
+    command="gpg -k --with-keygrip">
+</shell-commands-builder-component>
+
+## enable ssh auth
+
+<shell-commands-builder-component
+    command="gpg-connect-agent 'keyattr $1 Use-for-ssh: true' /bye"
+    variables='[{"position":1,"required":true}]'>
+</shell-commands-builder-component>
+
+## enable ssh agent
+
+<shell-commands-builder-component
+    command="echo 'export SSH_AUTH_SOCK=/run/user/1000/gnupg/S.gpg-agent.ssh' >> ~/.bashrc">
+</shell-commands-builder-component>
--- a/content/ssh/sshd.md
+++ b/content/ssh/sshd.md
@@ -0,0 +1,15 @@
+++
+date = '2025-08-10T12:13:32Z'
+title = 'sshd'
+++
+
+<shell-commands-builder-component
+    command="cat << EOF > /etc/ssh/sshd_config.d/security.conf
+PermitRootLogin no
+PubkeyAuthentication yes
+PasswordAuthentication no
+Port $SSH_LISTEN_PORT
+EOF
+systemctl restart sshd"
+    variables='[{"name":"SSH_LISTEN_PORT","default":"22"}]'>
+</shell-commands-builder-component>