pipetap.sh: Remote Wireshark. Invoke tcpdump over ssh piping to STDOUT, for importation to a local Wireshark via STDIN.

Neat little one-liner. Thanks for sharing.

A couple things you might want to consider…

ssh -A

There’s no need to forward the SSH agent. The docs even say “Agent forwarding should be enabled with caution.”

sudo wireshark

No need to execute with sudo. This is also not recommended.

You might consider including sudo for the tcpdump call instead.
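
A sketch of the invocation with the three points from the comment above applied. It is an added example, not the original pipetap.sh and not the commenter's code. The function names, the host `capture@host.example` and the interface `eth0` are placeholders, and it assumes the remote account may run tcpdump through sudo without a password prompt, since no terminal is allocated:

```shell
#!/bin/sh
# Added example: placeholder names throughout, not the original pipetap.sh.

# Reject empty values, leading dashes (ssh/tcpdump option injection) and
# anything outside a conservative character set (remote shell syntax).
valid_name() {
    case "$1" in
        ""|-*) return 1 ;;
        *[!A-Za-z0-9@._-]*) return 1 ;;
    esac
    return 0
}

# Print the command that runs on the capture host. sudo is applied there,
# and only to tcpdump.
remote_cmd() {
    valid_name "$1" || return 1
    # -U: flush per packet, -s 0: full packets, -w -: pcap to stdout.
    # Excluding port 22 keeps the SSH session carrying the capture out of it.
    printf "sudo tcpdump -U -s 0 -i %s -w - 'not port 22'" "$1"
}

# Print the full ssh invocation so it can be reviewed before running.
ssh_cmd() {
    valid_name "$1" || return 1
    rc=$(remote_cmd "$2") || return 1
    # -a disables agent forwarding even if ssh_config enables it for the host.
    printf 'ssh -a %s "%s"' "$1" "$rc"
}

pipetap() {
    valid_name "$1" && rc=$(remote_cmd "$2") || {
        echo "bad host or interface" >&2
        return 2
    }
    # Wireshark runs as the invoking user, with no sudo:
    # -k starts the capture immediately, -i - reads the pcap stream from stdin.
    ssh -a "$1" "$rc" | wireshark -k -i -
}

# Runs only when asked: sh pipetap.sh --run capture@host.example eth0
if [ "${1:-}" = "--run" ]; then pipetap "$2" "$3"; fi
```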

