Article directory
Reposted from CSDN remote penetration article: [vscode remote development] Use SSH to remotely connect to the server "intranet penetration"
foreword
There are many remote connection server tools, such as XShell, putty, etc., you can remotely connect to the server through ssh, but this is not convenient for writing code, you may need to write the code locally and then transfer the source code to the server to run and run on the server The pictures of can't be viewed directly...
And vscode can solve these problems very well. Its core components are all running in a remote environment. The local development machine does not need to have the source code of the remote development environment at all. Writing code on vscode can be directly updated to the server synchronously. You bring a silky-smooth remote development experience.
So in this article tutorial, we will realize remote development through vscode, and do intranet penetration to realize remote connection in the public network environment. You can also remotely connect to the server anywhere outside to develop and write code.
video tutorial
[vscode remote development] Use SSH to remotely connect to the server "intranet penetration
1. Install OpenSSH
Open the Windows start page, search directly PowerShell
, open the first one Windows PowerShell
, and click Run as administrator
After opening, enter the following command:
Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'
The result at this time is that OpenSSH is not installed in the computer:
If OpenSSH is already installed, skip this step, if not, enter the following command
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
The final result is as follows, which means that the OpenSSH installation is successful:
After the successful installation of OpenSSH is displayed, enter the command ssh after opening the local cmd and entering
ssh
If the result is displayed like this, then it is correct:
2. vscode configures ssh
Install vscode on windows, and open it after successful installation.
Click the extension in the left toolbar, search for "ssh", and select the first one Remote - SSH
to install (I have already installed it, and all the displays are disabled at this time)
Click the "Settings" button in the lower left corner, followed by "Settings"
According to the prompt in the screenshot, find Show Login Terminal
and check this option
Click the button in the left toolbar 远程
to view the remote connection, and click SSH TARGETS
the button next to the server shown below to connect
3. LAN test to connect to remote server
Take ssh connection to ubuntu as an example, after opening vscode, first try to use the LAN address ssh remote ubuntu
Enter the command into the dialog box and press Enter
ssh username@ip
choose a profile
After the input is completed, the newly added ssh connection will be displayed on the right, click the --> icon to connect, and enter the password, just enter the password
A green sign appears to indicate a successful connection
4. Remote connection via public network
At present, we can only perform remote control within the local area network, which has certain limitations. However, we use intranet penetration to achieve remote connections in the public network environment. Here we use the tool cpolar intranet penetration to achieve it, no need for public network IP, no need to set up routers, and the operation is simple.
cpolar official website: https://www.cpolar.com/
4.1 install cpolar on ubuntu
In this tutorial, we use the ubuntu graphical system. We need to install and configure cpolar intranet penetration on ubuntu, which supports one-click automatic installation scripts.
- Domestic installation
curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash
- Or cpolar short link installation method: (for foreign use)
curl -sL https://git.io/cpolar | sudo bash
- Check the version number, if it is displayed normally, the installation is successful
cpolar version
- token authentication
Log in to the background of the cpolar official website, click the verification on the left to view your authentication token, and then paste the token in the command line
cpolar authtoken xxxxxxx
- Simple Penetration Test
cpolar http 8080
If the corresponding public network address is generated normally, press ctrl+c to exit
- Add a service to the system
sudo systemctl enable cpolar
- Start the cpolar service
sudo systemctl start cpolar
- Check the status of the service, if it is displayed as shown in the figure below,
active
it is in the started state
sudo systemctl status cpolar
After the installation and configuration of cpolar is complete, visit the local port 9200 on the browser, and use the cpolar email account to log in to the cpolar web UI management interface
After cpolar is successfully installed, 2 sample tunnels will be installed by default, which can be edited or deleted by yourself:
- ssh tunnel: point to local port 22, TCP protocol
- website tunnel: point to local port 8080, HTTP protocol
4.2 Create a tunnel map
We can directly use the sample tunnel ssh, or re-create a tunnel, using the tcp protocol, pointing to port 22. Click Tunnel Management on the left dashboard - Create Tunnel
- Tunnel name: customizable, be careful not to repeat
- protocol: tcp
- Local address: 22
- Port Type: Random ephemeral TCP port
- Region: China VIP
click创建
After the tunnel is successfully created, click on the status on the left - online tunnel list, you can see that the tunnel just created has generated a corresponding public network address, copy it
4.3 Test public network remote connection
Open vscode on windows, and use the copied public network address to remote SSH.
Click SSH TARGETS
the button next to the server shown below to connect
If the added connection does not appear on the left, click the button below to refresh
Then click the small arrow --> connect, select ssh type, select linux
Enter the parameters and password to succeed remotely, which is convenient and quick.
The following information appears to indicate that the remote connection is successful
5. Configure a fixed TCP port address
Since the tunnel created above selects a random temporary TCP port, the generated public network address will change randomly within 24 hours, which is inconvenient for users who need long-term remote access. However, we can configure a fixed address for remote connection, and the subsequent remote does not need to check the random public network address before remote.
Note: The function of configuring a fixed TCP port address needs to be upgraded to the professional version package or above to support it.
5.1 Reserve a fixed TCP port address
Open the cpolar official website, log in to the official website background https://dashboard.cpolar.com/reserved , click on the reservation on the left, let's reserve a fixed TCP port address:
- Region: select China
- Description: It is a note, which can be customized
After the address is successfully reserved, the system will generate a corresponding fixed public network address and copy it down
5.2 Configure fixed TCP port address
Open a browser on the ubuntu system to access the local port 9200, and log in to the cpolar web UI management interface. Click Tunnel Management on the left - Tunnel List, find the ssh tunnel, click Edit on the right, let's modify the tunnel information, and configure the fixed tcp port address into the tunnel
Modify the tunnel information and configure the successfully reserved fixed tcp address into the tunnel
- Port type: modified to fixed tcp port
- Reserved tcp address: fill in the successfully reserved address
click update
After the tunnel is successfully updated, click the status on the left dashboard - the list of online tunnels, find the SSH tunnel, and you can see that the public network address has been updated to a fixed tcp address.
5.3 Test fixed public network address remote
Open vscode and choose to add an ssh connection
Connect using a reserved tcp address
refresh
Refresh the address, click the small arrow on the right "–>" to connect, the following prompt appears, enter yes
A green message appears, indicating that the connection is successful.