Remote packet capture with SSH and Wireshark

Remote packet capture with ssh and Wireshark is most convenient when combined with tcpdump:

ssh root@nav tcpdump -U -i ens32 -s0 -w - "not port 22" | wireshark -k -i -

After searching for a long time, I finally found it.

#1. tcpdump + wireshark + ssh
ssh root@host tcpdump -U -s0 -w - "not port 22" | wireshark -k -i -
#2. tshark + wireshark + ssh
ssh root@server.com 'tshark -f "port !22" -w -' | wireshark -k -i -
#3. FIFO method
mkfifo /tmp/fifo; ssh-keygen; ssh-copy-id root@remotehostaddress; sudo ssh root@remotehost "tshark -i eth1 -f 'not tcp port 22' -w -" > /tmp/fifo & sudo wireshark -k -i /tmp/fifo
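
The "not port 22" filter in the commands above hides every SSH packet on the host, and it does not exclude the capture's own session when sshd listens on a different port. As an added example (not from the original post), the shell function below builds a BPF filter that excludes only the session carrying the capture, from the SSH_CONNECTION variable that sshd sets on the remote side; the function name and the sample addresses are made up for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original post). Runs on the capture host, where
# sshd sets SSH_CONNECTION="client_ip client_port server_ip server_port".

# Print a BPF filter that excludes only the given SSH session.
# Returns 1 on malformed input so a bad value never reaches tcpdump.
session_exclude_filter() {
    local cip cport sip sport extra v
    read -r cip cport sip sport extra <<EOF
$1
EOF
    # Exactly four fields are expected.
    [ -n "$sport" ] && [ -z "$extra" ] || return 1

    # Ports must be decimal and within 1..65535.
    for v in "$cport" "$sport"; do
        case $v in ''|*[!0-9]*) return 1 ;; esac
        [ "$v" -ge 1 ] 2>/dev/null && [ "$v" -le 65535 ] || return 1
    done

    # Addresses may contain only IPv4/IPv6 literal characters. This rejects
    # shell metacharacters and scoped link-local addresses (fe80::1%eth0),
    # which this example does not handle.
    for v in "$cip" "$sip"; do
        case $v in *[!0-9A-Fa-f.:]*) return 1 ;; esac
    done

    # "host A and host B" plus "port X and port Y" matches both directions
    # of this one TCP connection, leaving other SSH sessions visible.
    printf 'not (tcp and host %s and port %s and host %s and port %s)\n' \
        "$cip" "$cport" "$sip" "$sport"
}

# Constructed sample: documentation addresses, sshd on a non-default port.
SAMPLE_CONN='203.0.113.7 51514 192.0.2.10 2222'
session_exclude_filter "$SAMPLE_CONN"
```

On the capture host, pass the result to tcpdump in place of the fixed expression, for example `tcpdump -U -i ens32 -s0 -w - "$(session_exclude_filter "$SSH_CONNECTION")"`.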