{"id":2871,"date":"2018-02-06T16:08:46","date_gmt":"2018-02-06T07:08:46","guid":{"rendered":"https:\/\/fei-yen.jp\/maya\/wordpress\/blog\/2018\/02\/06\/ssh%e5%85%88%e3%81%a7%e3%83%91%e3%82%b1%e3%83%83%e3%83%88%e3%82%ad%e3%83%a3%e3%83%97%e3%83%81%e3%83%a3%e3%81%97%e3%81%9f%e3%81%84%ef%bc%88%e4%b8%bb%e3%81%abmac%e5%90%91%e3%81%91%ef%bc%89\/"},"modified":"2018-02-06T16:08:46","modified_gmt":"2018-02-06T07:08:46","slug":"ssh%e5%85%88%e3%81%a7%e3%83%91%e3%82%b1%e3%83%83%e3%83%88%e3%82%ad%e3%83%a3%e3%83%97%e3%83%81%e3%83%a3%e3%81%97%e3%81%9f%e3%81%84%ef%bc%88%e4%b8%bb%e3%81%abmac%e5%90%91%e3%81%91%ef%bc%89","status":"publish","type":"post","link":"https:\/\/fei-yen.jp\/maya\/wordpress\/blog\/2018\/02\/06\/ssh%e5%85%88%e3%81%a7%e3%83%91%e3%82%b1%e3%83%83%e3%83%88%e3%82%ad%e3%83%a3%e3%83%97%e3%83%81%e3%83%a3%e3%81%97%e3%81%9f%e3%81%84%ef%bc%88%e4%b8%bb%e3%81%abmac%e5%90%91%e3%81%91%ef%bc%89\/","title":{"rendered":"ssh\u5148\u3067\u30d1\u30b1\u30c3\u30c8\u30ad\u30e3\u30d7\u30c1\u30e3\u3057\u305f\u3044\uff08\u4e3b\u306bmac\u5411\u3051\uff09"},"content":{"rendered":"<div>ssh\u5148\u3067\u30d1\u30b1\u30c3\u30c8\u30ad\u30e3\u30d7\u30c1\u30e3\u3057\u305f\u3044\u3002ssh\u63a5\u7d9a\u304c\u516c\u958b\u9375\u8a8d\u8a3c\u3067\u3001\u79d8\u5bc6\u9375\u304c\u624b\u5143\u306b\u3042\u3063\u3066\u3001tcpdump\u3059\u308b\u306e\u306bsudo\u304c\u5fc5\u8981\u306a\u3044\u306a\u3089\u3070\u3001\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u3067\u3044\u3051\u307e\u3059\u3002<\/div>\n<\/p>\n<div style=\"box-sizing: border-box; padding: 8px; font-family: Monaco, Menlo, Consolas, &quot;Courier New&quot;, monospace; font-size: 12px; color: rgb(51, 51, 51); border-top-left-radius: 4px; border-top-right-radius: 4px; border-bottom-right-radius: 4px; border-bottom-left-radius: 4px; background-color: rgb(251, 250, 248); border: 1px solid rgba(0, 0, 0, 0.14902); background-position: initial initial; background-repeat: initial initial;-en-codeblock:true;\">\n<div>wireshark -k -i &lt;(ssh user@example tcpdump -U -n -w -)<\/div>\n<\/div>\n<div>\u3068\u3053\u308d\u304c\u3001ssh\u63a5\u7d9a\u306b\u30d1\u30b9\u30ef\u30fc\u30c9\u304c\u5fc5\u8981\u3060\u3063\u305f\u308a\u3001tcpdump\u3059\u308b\u306e\u306bsudo\u304c\u5fc5\u8981\u3060\u3063\u305f\u308a\u3059\u308b\u3068\u3001ssh\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u304c\u5165\u529b\u3067\u304d\u306a\u304b\u3063\u305f\u308a\u3001sudo\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u30d7\u30ed\u30f3\u30d7\u30c8\u3092wireshark\u306b\u596a\u308f\u308c\u3066<\/div>\n<\/p>\n<div><a href=\"https:\/\/fei-yen.jp\/maya\/wordpress\/wp-content\/uploads\/2018\/02\/73fd346d2db8697ce4d31408c8a27fe5..png\" rel=\"lightbox[2871]\"><img decoding=\"async\" src=\"https:\/\/fei-yen.jp\/maya\/wordpress\/wp-content\/uploads\/2018\/02\/73fd346d2db8697ce4d31408c8a27fe5..png\"\/><\/a><\/div>\n<\/p>\n<div>\u3063\u3066\u8a00\u308f\u308c\u305f\u308a\u3057\u307e\u3059\u3002<\/div>\n<\/p>\n<div>\u305d\u3053\u3067\u3001\u5148\u306b\u30ea\u30e2\u30fc\u30c8\u30b5\u30fc\u30d0\u3067tcpdump\u3092\u5b9f\u884c\u3057\u3066\u304a\u304d\u3001\u305d\u306e\u51fa\u529b\u3092Wireshark\uff08\u3068ssh\uff09\u3067\u62fe\u3044\u306b\u884c\u304d\u307e\u3059\u3002<\/div>\n<\/p>\n<div>\u305d\u3053\u3067\u6d3b\u8e8d\u3059\u308b\u306e\u304c\u3001\u540d\u524d\u4ed8\u304d\u30d1\u30a4\u30d7\u3067\u3059\u3002<\/div>\n<\/p>\n<div>\u307e\u305a\u3001\u540d\u524d\u4ed8\u304d\u30d1\u30a4\u30d7\u3092\u4f5c\u308a\u307e\u3059\u3002<\/div>\n<div>\u81ea\u5206\u304c\u8aad\u307f\u66f8\u304d\u3067\u304d\u308b\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306a\u3089\u3001\u3069\u3053\u3067\u3082\u3044\u3044\u3067\u3059\u3002<\/div>\n<div>\u540d\u524d\u3082\u306a\u3093\u3067\u3082\u3044\u3044\u3067\u3059\u3002<\/div>\n<\/p>\n<div style=\"box-sizing: border-box; padding: 8px; font-family: Monaco, Menlo, Consolas, &quot;Courier New&quot;, monospace; font-size: 12px; color: rgb(51, 51, 51); border-top-left-radius: 4px; border-top-right-radius: 4px; border-bottom-right-radius: 4px; border-bottom-left-radius: 4px; background-color: rgb(251, 250, 248); border: 1px solid rgba(0, 0, 0, 0.14902); background-position: initial initial; background-repeat: initial initial;-en-codeblock:true;\">\n<div><span style=\"font-family: Monaco; font-size: 12px; color: rgb(51, 51, 51);\">mkfifo mytcpdump<\/span><\/div>\n<\/div>\n<div>\u3053\u308c\u3067\u540d\u524d\u4ed8\u304d\u30d1\u30a4\u30d7\u304c\u51fa\u6765\u307e\u3057\u305f\u3002<\/div>\n<div>ls\u3059\u308b\u3068\u3061\u3087\u3063\u3068\u7279\u6b8a\u306a\u611f\u3058\u3067\u3059\u3002<\/div>\n<\/p>\n<div style=\"box-sizing: border-box; padding: 8px; font-family: Monaco, Menlo, Consolas, &quot;Courier New&quot;, monospace; font-size: 12px; color: rgb(51, 51, 51); border-top-left-radius: 4px; border-top-right-radius: 4px; border-bottom-right-radius: 4px; border-bottom-left-radius: 4px; background-color: rgb(251, 250, 248); border: 1px solid rgba(0, 0, 0, 0.14902); background-position: initial initial; background-repeat: initial initial;-en-codeblock:true;\">\n<div><span style=\"font-family: Monaco; font-size: 12px; color: rgb(51, 51, 51);\">$ ls -l<\/span><\/div>\n<div><span style=\"font-family: Monaco; font-size: 12px; color: rgb(51, 51, 51);\">\u5408\u8a08 0<\/span><\/div>\n<div><span style=\"font-family: Monaco; font-size: 12px; color: rgb(51, 51, 51);\">prw-rw-r&#8211; 1 haoling haoling 0\u00a0\u00a02\u6708\u00a0\u00a06 15:53 <\/span><span style=\"font-family: Monaco; font-size: 12px;\"><font color=\"#000000\">mytcpdump<\/font><\/span><\/div>\n<\/div>\n<div>\u5148\u982d\u304c\u300cp\u300d\u306b\u306a\u3063\u3066\u307e\u3059\u3002\u540d\u524d\u4ed8\u304d\u30d1\u30a4\u30d7\u306e\u610f\u5473\u3067\u3057\u3087\u3046\u304b\u306d\u3002<\/div>\n<\/p>\n<div>\u540d\u524d\u4ed8\u304d\u30d1\u30a4\u30d7\u304c\u51fa\u6765\u305f\u306e\u3067\u3001\u3053\u3053\u306b\u5411\u304b\u3063\u3066tcpdump\u3092\u51fa\u529b\u3057\u307e\u3059\u3002<\/div>\n<\/p>\n<div style=\"box-sizing: border-box; padding: 8px; font-family: Monaco, Menlo, Consolas, &quot;Courier New&quot;, monospace; font-size: 12px; color: rgb(51, 51, 51); border-top-left-radius: 4px; border-top-right-radius: 4px; border-bottom-right-radius: 4px; border-bottom-left-radius: 4px; background-color: rgb(251, 250, 248); border: 1px solid rgba(0, 0, 0, 0.14902); background-position: initial initial; background-repeat: initial initial;-en-codeblock:true;\">\n<div><span style=\"font-family: Monaco; font-size: 12px; color: rgb(51, 51, 51);\">sudo tcpdump -U -n -s 0 -w mytcpdump &quot;not port 22&quot;<\/span><\/div>\n<\/div>\n<div>\u300cnot port 22\u300d\u3063\u3066\u3057\u3066\u304a\u304b\u306a\u3044\u3068\u3001wireshark\u306essh\u63a5\u7d9a\u304c\u5ef6\u3005\u3068\u30d1\u30a4\u30d7\u306b\u51fa\u529b\u3055\u308c\u308b\u306e\u3067\u3001\u3048\u3089\u3044\u3053\u3068\u306b\u306a\u308a\u307e\u3059\u3002<\/div>\n<div>tcpdump\u306e\u5404\u30aa\u30d7\u30b7\u30e7\u30f3\u306e\u610f\u5473\u306f<\/div>\n<div>bearmini&#8217;s blog\u69d8\u3092\u53c2\u8003\u306b\u3059\u308b\u3068\u826f\u3044\u3067\u3057\u3087\u3046\u3002<\/div>\n<div><a href=\"http:\/\/bearmini.hatenablog.com\/entry\/2017\/02\/16\/155242\">http:\/\/bearmini.hatenablog.com\/entry\/2017\/02\/16\/155242<\/a><\/div>\n<\/p>\n<div>\u3053\u308c\u3067\u3001\u540d\u524d\u4ed8\u304d\u30d1\u30a4\u30d7\u306b\u5411\u304b\u3063\u3066tcpdump\u306e\u51fa\u529b\u304c\u9001\u3089\u308c\u7d9a\u3051\u307e\u3059\u304c\u3001\u540d\u524d\u4ed8\u304d\u30d1\u30a4\u30d7\u306f\u30d7\u30ed\u30bb\u30b9\u9593\u901a\u4fe1\u7528\u306e\u7279\u6b8a\u306a\u30d5\u30a1\u30a4\u30eb\u306a\u306e\u3067\u3001\u30c7\u30a3\u30b9\u30af\u5bb9\u91cf\u3092\u6d88\u8cbb\u3057\u305f\u308a\u306f\u3057\u307e\u305b\u3093\u3002<\/div>\n<\/p>\n<div>\u3053\u308c\u3092\u3001ssh\u7d4c\u7531\u3067Wireshark\u306b\u8aad\u307e\u305b\u307e\u3059\u3002<\/div>\n<\/p>\n<div style=\"box-sizing: border-box; padding: 8px; font-family: Monaco, Menlo, Consolas, &quot;Courier New&quot;, monospace; font-size: 12px; color: rgb(51, 51, 51); border-top-left-radius: 4px; border-top-right-radius: 4px; border-bottom-right-radius: 4px; border-bottom-left-radius: 4px; background-color: rgb(251, 250, 248); border: 1px solid rgba(0, 0, 0, 0.14902); background-position: initial initial; background-repeat: initial initial;-en-codeblock:true;\">\n<div><span style=\"font-family: Monaco; font-size: 12px; color: rgb(51, 51, 51);\">ssh username@example cat mytcpdump | wireshark -k -i &#8211;<\/span><\/div>\n<\/div>\n<div>tcpdump\u3092\u5b9f\u884c\u3057\u3066\u304b\u3089wireshark\u3092\u5b9f\u884c\u3059\u308b\u307e\u3067\u306e\u9593\u306b\u6642\u9593\u304c\u958b\u3044\u3066\u3082\u5927\u4e08\u592b\u3067\u3059\u3002\u540d\u524d\u4ed8\u304d\u30d1\u30a4\u30d7\u306f\u30ea\u30a2\u30eb\u30bf\u30a4\u30e0\u306b\u30c7\u30fc\u30bf\u304c\u9001\u3089\u308c\u3066\u304f\u308b\u306e\u3067\u3001\u9045\u5ef6\u306f\u3042\u308a\u307e\u305b\u3093\u3002\u30c7\u30fc\u30bf\u3092\u6e9c\u3081\u8fbc\u3080\u3053\u3068\u3082\u3042\u308a\u307e\u305b\u3093\u3002<\/div>\n<div>Wireshark\u3092\u7d42\u4e86\u3059\u308b\u3068\u30ea\u30e2\u30fc\u30c8\u5074\u306etcpdump\u3082\u843d\u3061\u305f\u308a\u3059\u308b\u306e\u3067\u3001\u6bce\u56de\u8d77\u52d5\u3059\u308b\u5fc5\u8981\u306f\u3042\u308b\u304b\u3082\u3057\u308c\u307e\u305b\u3093\u3002<\/div>\n","protected":false},"excerpt":{"rendered":"<p>ssh\u5148\u3067\u30d1\u30b1\u30c3\u30c8\u30ad\u30e3\u30d7\u30c1\u30e3\u3057\u305f\u3044\u3002ssh\u63a5\u7d9a\u304c\u516c\u958b\u9375\u8a8d\u8a3c\u3067\u3001\u79d8\u5bc6\u9375\u304c\u624b\u5143\u306b\u3042\u3063\u3066\u3001tcpdump\u3059\u308b\u306e\u306bsudo\u304c\u5fc5\u8981\u306a\u3044\u306a\u3089\u3070\u3001\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u3067\u3044\u3051\u307e\u3059\u3002wireshark -k -i &lt;(ssh user@example tcpdump -U -n -w -)\u3068\u3053\u308d\u304c\u3001ssh\u63a5\u7d9a\u306b\u30d1\u30b9\u30ef\u30fc\u30c9\u304c\u5fc5\u8981\u3060\u3063\u305f\u308a\u3001tcpdump\u3059\u308b\u306e\u306bsudo\u304c\u5fc5\u8981\u3060\u3063\u305f\u308a\u3059\u308b\u3068\u3001ssh\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u304c\u5165\u529b\u3067\u304d\u306a\u304b\u3063\u305f\u308a\u3001sudo\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u30d7\u30ed\u30f3\u30d7\u30c8\u3092wireshark\u306b\u596a\u308f\u308c\u3066\u3063\u3066\u8a00\u308f\u308c\u305f\u308a\u3057\u307e\u3059\u3002\u305d\u3053\u3067\u3001\u5148\u306b\u30ea\u30e2\u30fc\u30c8\u30b5\u30fc\u30d0\u3067tcpdump\u3092\u5b9f\u884c\u3057\u3066\u304a\u304d\u3001\u305d\u306e\u51fa\u529b\u3092Wireshark\uff08\u3068ssh\uff09\u3067\u62fe\u3044\u306b\u884c\u304d\u307e\u3059\u3002\u305d\u3053\u3067\u6d3b\u8e8d\u3059\u308b\u306e\u304c\u3001\u540d\u524d\u4ed8\u304d\u30d1\u30a4\u30d7\u3067\u3059\u3002\u307e\u305a\u3001\u540d\u524d\u4ed8\u304d\u30d1\u30a4\u30d7\u3092\u4f5c\u308a\u307e\u3059\u3002\u81ea\u5206\u304c\u8aad\u307f\u66f8\u304d\u3067\u304d\u308b\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306a\u3089\u3001\u3069\u3053\u3067\u3082\u3044\u3044\u3067\u3059\u3002\u540d\u524d\u3082\u306a\u3093\u3067\u3082\u3044\u3044\u3067\u3059\u3002mkfifo mytcpdump\u3053\u308c\u3067\u540d\u524d\u4ed8\u304d\u30d1\u30a4\u30d7\u304c\u51fa\u6765\u307e\u3057\u305f\u3002ls\u3059\u308b\u3068\u3061\u3087\u3063\u3068\u7279\u6b8a\u306a\u611f\u3058\u3067\u3059\u3002<\/p>\n","protected":false},"author":1,"featured_media":2870,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"activitypub_content_warning":"","activitypub_content_visibility":"local","activitypub_max_image_attachments":4,"activitypub_interaction_policy_quote":"","footnotes":""},"categories":[1],"tags":[11],"class_list":["post-2871","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-linux"],"_links":{"self":[{"href":"https:\/\/fei-yen.jp\/maya\/wordpress\/wp-json\/wp\/v2\/posts\/2871","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fei-yen.jp\/maya\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fei-yen.jp\/maya\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fei-yen.jp\/maya\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fei-yen.jp\/maya\/wordpress\/wp-json\/wp\/v2\/comments?post=2871"}],"version-history":[{"count":0,"href":"https:\/\/fei-yen.jp\/maya\/wordpress\/wp-json\/wp\/v2\/posts\/2871\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/fei-yen.jp\/maya\/wordpress\/wp-json\/wp\/v2\/media\/2870"}],"wp:attachment":[{"href":"https:\/\/fei-yen.jp\/maya\/wordpress\/wp-json\/wp\/v2\/media?parent=2871"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fei-yen.jp\/maya\/wordpress\/wp-json\/wp\/v2\/categories?post=2871"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fei-yen.jp\/maya\/wordpress\/wp-json\/wp\/v2\/tags?post=2871"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}