Secure netcat chat - SSH

ssh hostname nc -l 9876
client: nc localhost 9876

1
2015-01-14 20:11:50

These Might Interest You

  • client$ while true; do read -n30 ui; echo $ui |openssl enc -aes-256-ctr -a -k PaSSw ; done | nc localhost 8877 | while read so; do decoded_so=`echo "$so"| openssl enc -d -a -aes-256-ctr -k PaSSw`; echo -e "Incoming: $decoded_so"; done This will establish a simple encrypted chat with AES-256-CTR using netcat and openssl only. More info here https://nixaid.com/encrypted-chat-with-netcat/


    8
    server$ while true; do read -n30 ui; echo $ui |openssl enc -aes-256-ctr -a -k PaSSw; done | nc -l -p 8877 | while read so; do decoded_so=`echo "$so"| openssl enc -d -a -aes-256-ctr -k PaSSw`; echo -e "Incoming: $decoded_so"; done
    arno · 2014-01-16 14:36:09 0
  • (Please see sample output for usage) script.bash is your script, which will be crypted to script.secure script.bash --> script.secure You can execute script.secure only if you know the password. If you die, your script dies with you. If you modify the startup line, be careful with the offset calculation of the crypted block (the XX string). Not difficult to make script editable (an offset-dd piped to a gpg -d piped to a vim - piped to a gpg -c directed to script.new ), but not enough space to do it on a one liner. Show Sample Output


    5
    echo "eval \"\$(dd if=\$0 bs=1 skip=XX 2>/dev/null|gpg -d 2>/dev/null)\"; exit" > script.secure; sed -i s:XX:$(stat -c%s script.secure): script.secure; gpg -c < script.bash >> script.secure; chmod +x script.secure
    rodolfoap · 2013-03-09 11:16:48 5
  • Then just nc servername 2600 and ./script.sh kill the client with ctrl+c. You can reconnect several times. kill the server with exit


    8
    mkfifo foo ; nc -lk 2600 0<foo | /bin/bash 1>foo
    bugmenot · 2012-07-29 00:33:41 0
  • Client ~$ ncat --ssl localhost 9876 Change localhost to the correct ip address. Show Sample Output


    18
    ncat -vlm 5 --ssl --chat 9876
    snipertyler · 2014-06-07 19:17:29 0

What Others Think

Just no. This is not a "tip" or "trick" or anything of the sort. It's just how netcat works.
snegtul · 175 weeks and 1 day ago
This creates a encrypted connection and starts a nc listening server on the remote host. When connected, it pipes the data from the encrypted connection back to the local computer. Not only does this get past needing to forward a port to pass data through nc over the web (just 22 for ssh), but it's encrypted. I wasn't aware netcat had that functionality.
snipertyler · 175 weeks and 1 day ago
It works! i like it! :)
0rf30 · 175 weeks ago

What do you think?

Any thoughts on this command? Does it work on your machine? Can you do the same thing with only 14 characters?

You must be signed in to comment.

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands



Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: