ssh tunneling

February 12, 2008

using openssh it is possible to reach a remote network over an encrypted connection and tunnel any protocol over that.

sudo ssh -L <local port>:<endpoint ip>:<port on endpoint> <user>@<ssh server>

where local port is the port on your machine, endpoint ip is the server you want to connect to, port on endpoint is the service port on the endpoint and user@ssh server is the user and the ssh server you are proxying through. sudo is only needed when local port is below 1024.

for example:

sudo ssh -L 33890:192.168.0.10:3389 root@1.2.3.4

will map port 33890 on your local PC through to port 3389 on 192.168.0.10, via the remote ssh server 1.2.3.4.

this means you can connect to 127.0.0.1:33890 and you will connect to 3389 on the 192.168.0.10 server.

the main advantage of this is you don't need to be able to route to the 192.168.0.10 address – only the ssh proxy needs to.


converting .pfx certificates to .pem

February 12, 2008

Some applications require that the certificate you are using is in the .pem (Privacy Enhanced Mail) Base64 encoded DER certificate format. If you have the certificate as a .pfx you can convert it using openssl like this (-nodes writes the private key into the .pem unencrypted):

openssl pkcs12 -in yourcert.pfx -out yourcert.pem -nodes
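
A check to run on the converted file, as an added example that is not part of the original post: because -nodes leaves the private key unencrypted, the script lists the PEM blocks in the output and reports whether a cleartext key is present and whether the file is accessible beyond its owner. The function names and the sample bundle are constructed for illustration.

```sh
#!/bin/sh
# Added example: inspect the .pem written by "openssl pkcs12 ... -nodes".
# Function names and sample data are constructed for illustration.

# Print the label of every PEM block in FILE, tolerating CRLF line endings.
pem_blocks() {
    tr -d '\r' < "$1" | sed -n 's/^-----BEGIN \(.*\)-----$/\1/p'
}

# Count private-key blocks stored in the clear. PKCS#8 shows encryption in the
# label (ENCRYPTED PRIVATE KEY); the traditional RSA/EC/DSA form shows it with
# a "Proc-Type: 4,ENCRYPTED" header inside the block.
pem_plain_keys() {
    tr -d '\r' < "$1" | awk '
        /^-----BEGIN .*PRIVATE KEY-----$/ { inkey = 1; enc = ($0 ~ /ENCRYPTED PRIVATE KEY/); next }
        inkey && /^Proc-Type: 4,ENCRYPTED/ { enc = 1 }
        inkey && /^-----END .*PRIVATE KEY-----$/ { if (!enc) plain++; inkey = 0 }
        END { print plain + 0 }'
}

# Return 0 if FILE holds no cleartext key, 1 if it does but only the owner can
# access the file, 2 if a cleartext key is accessible to group or others.
pem_audit() {
    [ "$(pem_plain_keys "$1")" -eq 0 ] && return 0
    # Characters 5-10 of the ls mode string are the group and other bits.
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ] && return 1
    return 2
}

# Write a constructed bundle shaped like pkcs12 output; the base64 is filler.
# KIND "plain" mimics -nodes, "enc" a key left passphrase-protected.
write_sample() {
    label="PRIVATE KEY"; [ "$2" = enc ] && label="ENCRYPTED PRIVATE KEY"
    printf '%s\n' "Bag Attributes" "-----BEGIN $label-----" \
        "Q09OU1RSVUNURUQtU0FNUExF" "-----END $label-----" \
        "-----BEGIN CERTIFICATE-----" "Q09OU1RSVUNURUQtU0FNUExF" \
        "-----END CERTIFICATE-----" > "$1"
}

# Demo on a constructed file in a scratch directory.
demo() {
    d=$(mktemp -d) || return 1
    write_sample "$d/nodes.pem" plain; chmod 644 "$d/nodes.pem"
    pem_blocks "$d/nodes.pem"
    pem_audit "$d/nodes.pem" || echo "audit status: $?"
    rm -rf "$d"
}
demo
```

Against a real conversion, call pem_audit yourcert.pem; a status of 2 goes away after chmod 600 yourcert.pem.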