OpenSSH tunneling guide

“Welcome to the Warp Zone!”

Published: Apr 13 2024

The OpenSSH client has a lot of very powerful features for tunneling applications through a SSH connections and is one of my favorite tools for quick-and-dirty network plumbing tasks. It can be very useful for fixing/bypassing connectivity issues (caused by NATs, firewalls), accessing internal networks. This post is an overview of the different tunneling options available in OpenSSH. This is inteded as a reference to use when I am explaining (every so often) how to use SSH for tunneling.

Protocol stack diagrams

Layers all the way down

Published: Dec 20 2023

A collection of ASCII-art protocol stack diagrams.

Impact of the different Wifi security modes

Published: Jun 7 2022

Comparing the different Wifi/WPA authentication and key distribution methods (PSK, EAP, SEA).

Introduction to TLS v1.3

Published: Feb 26 2022

Some notes about how TLS v1.3 works. This is a follow-up of the previous episode about TLS v1.2. As before, the goal is to have a high-level overview about how the protocol works, what is the role of the different messages and be able to understand (and debug) a network traffic dump.

Introduction to TLS v1.2

Published: Nov 30 2021

Some notes about how TLS v1.2 (Transport Layer Security) works. The goal explain what is going on in a network traffic dump, the role of the different TLS extensions, the impact of the different cipher suites on security, etc. It includes several diagrams and many references.

Introduction to the Diffie-Hellman key exchange

Published: Oct 19 2021

The Diffie-Hellman (DH) key exchange (and variants thereof) is widely used in many protocols (such as TLS, SSH, IKE (IPSec), Signal, etc.) to bootstrap some symmetric key material which may then be used to secure communication channel between two parties. This introduction focuses on the different ways the DH key exchange is used in practice in several protocols (especially TLS) and the impact of these different approaches on the security. This is intended as a prelude for the upcoming next episodes about how TLS works.

TUN/TAP interface (on Linux)

Published: May 8 2021

Some notes about using the TUN/TAP interface, especially on Linux.

Introduction to UPnP

Published: Mar 22 2021

This post gives simple explanations of how UPnP (Universal Plug-and-Play) works, especially with the goal of testing the security devices such as routers, smart TVs, etc.

GNU/Linux host name resolution

Published: Apr 20 2020

This post describes different software components involved in host name resolutions and DNS configuration on GNU/Linux systems. It consists of a diagram and some accompanying explanations. The goal is to give some pointers and references to understand how to troubleshoot host name/DNS resolution problems and configuration problems on GNU/Linux systems.

Using dig as a LLMNR or mDNS CLI lookup utility

Published: Apr 2 2019

I was looking for a LLMNR commandline lookup utility. Actually, dig can do the job quite fine.

Page 1 of 2 | Previous page | Next page | JSON Feed | Atom Feed