On the loghost, create the reverse tunnel as the rsyslog-remote user.So, any packet that is sent to 127.0.0.1:50514 on the syslog client, will be encrypted by the reverse ssh session and be available to be read on port 1514 on the loghost. We'll originate a reverse ssh tunnel on the loghost that listens on port 50514 on the loopback interface (127.0.0.1 and ::1 ) on the client and empties out on our loghost on port 1514. ssh directory on the loghost to the syslog scp /home/rsyslog-remote/.ssh/id_rsa.pub On the syslog client, copy the rsyslog-remote user's loghost public key to the authorized_keys file for the rsyslog-remote userĬat /home/user/id_rsa.pub > /home/rsyslog-remote/.ssh/authorized_keysĬhown rsyslog-remote:rsyslog-remote /home/rsyslog-remote/.ssh/authorized_keysĬhmod 600 /home/rsyslog-remote/.ssh/authorized_keys
#Ssh tunnel log password#
Make sure that the rsyslog-remote user's password is very hard to guess with tons of entropy.or better yet lock the account as we'll be using ssh keys for authentication.Ĭonfiguring ssh public key authentication.This user will be used for the ssh tunnel between the two systems. Create a user on both the syslog client and the loghost.
0 kommentar(er)
