this combo allows only 1 ip to root access with key…
from=”123.234.345.567” ssh-rsa AAAAmypubkeyverylong== [email protected]
this allows sftp only..no shell access for root. we can jolly combine this with
for scripted file transfers and the like.
[email protected]:~$ ssh [email protected]
Enter passphrase for key ‘/home/lz/.ssh/id_rsa’:
[email protected]’s password:
This service allows sftp connections only.
Connection to 234.345.456.567 closed.
Match User root
teamviewer or ngrok are yet another vulnerability layer and crappy software from fly-by-night developers that run on our computers so lets not use them.
lets stick to openssh-server. a yum or apt-get install away.
assuming our home pc’s public,external, web facing ip address is 18.104.22.168, we have a user lz on the home pc and a user liangzhu in the bii pc:
on the bii pc, do
ssh -R 9000:localhost:22 [email protected]
then leave it connected and then go home
at home, on your home pc, do
ssh -p 9000 [email protected]
on your bii pc’s /etc/ssh/sshd_conf you might need to add this line
and do a
service sshd reload
for this to work