It looks like everything is in 1 stream, maybe that answers your question? I am capturing traffic only on port 22 briefly while the rsync is running to look at the packets
Thank you both
Awesome now I understand what you and the other commenter were talking about with aliasing. Well this works perfect without the alias, many thanks
Thank you
This does seem to be exactly what i am looking for. I implemented this and tested it and the command still isn't working yet but i will keep troubleshooting, its probably a silly quirk on my end. Thank you very much!
Thank you for the info! This is very helpful to me.
But the router must forward the port to allow the VPN to be utilized , meaning that port being forwarded can be scanned/detected i thought?
This is the first that I have heard about setting the SSH port to only accept connections from the VPN, is there a term or something I can search about this online? Or is this basically just allowing port 22 open on a device and not forwarding the port on the router as when a different device tunnels into the same network through the VPN it can already talk to the first device?
But wouldn't the port being open alert anyone who looks for that? Network security is not my specialty but I believe I have read that people can ping/scan ip addresses easily and quickly to determine if any ports are open / forwarded, so if Wireguard was used or any VPN software, they could pick up on that as an attack vector?
Thanks for chiming in, im glad its not just me. I feel like i have a much stronger understanding on things more complicated tham groups! That makes it feel worse
Can web elements be sandboxed in any meaningful way?
Im a little knowledgeable with this stuff but i do not know how to see the "handshake" itself, but maybe this is synonymous with what i am doing:
Right click any of the packets (TCP or SSH) > Follow > TCP stream
From there i can see some info about the ssh protocol and connection, as well as the 2 devices communicating (Operating systems used) followed by random gibberish which is the encrypted data.
When I analyze the TCP packet "frames", they contain data including the motherboard manufacturer, but packets themselves look like its just gibberish.
Thanks by the way for trying to help me :)