I'm trying to set up an ssh tunnel so that I can use an internal dev apache server inside a network. The machine is at 192.168.0.10. If I'm ON the machine and type "http://localhost:80" the Apache test page serves up fine. If I'm inside the network and type: "http://192.168.0.10:80" the Apache test page serves up fine.
However, if I use the IP address and the following:
ssh -L 8888:192.168.0.10:80 me(at)xxx.yyy.zzz.ip
and then type "http://localhost:8888" I get a blank white page, no errors, and a note
"channel 3: open failed: administratively prohibited" appearing in the Xterm where I've opened the tunnel.
A similar command:
ssh -L 8888:my.ip.at.home:5900 me(at)my.ip.at.home opens up a tunnel just fine, through which I run VNC. I've checked the firewall on the apache server, and it's offering up port 80. I've checked that "PermitTunnel yes" is in the config. The router allows ssh on port 22, both tcp and udp.
I'm getting these messages Over SSH with the -D switch
Code:
At uni I did this for a couple of reasons, primarily to connect to trackers for bittorrent. I would get these messages fairly often but I never thought much of it because I figured I was just loosing packets over the network or something (understandable in my situation). At home I decided to continue to use this method because that computer is set up in DMZ and is very useful. I havn't received many of these messages but recently all my torrents stalled and I had a whole bunch of these messages. Is it possible my computer just cant handle all the network connections (it's a 2ghz AMD running debian)? What exactly do these messages mean? Is there any way to optimize my connection in any way?
I have a headless server, running Fedora 13. I want to make a ssh tunnel to that server from laptop that is also running Fedora 13. Logging into that server over ssh works well, X11 forwarding also works, but I can't establish a ssh tunnel.
At the moment I was trying to connect two small python tcp sample programs, that communicate through port 8000. Running them both on my laptop works well.
What I am trying to do is that I am making two seperate ssh connections to my server, let's say it's address is myserver.com.
1) I make a 'standard' ssh connection to it
Code:
And run the server program
2) I open another terminal window and make the tunnel
Code:
3) I open 3rd terminal window and try to run the client program, that is trying to connect to localhost:8000.
If I understand it correctly, the client should now connect to localhost:8000, ssh would discover that and send that data to myserver.com port 8000. Then the server program on myserver.com is listening on that port and should get that data and send "hello world" string back to the client. Then the client should get that, print it to stdout and exit.
Unfortunatly all what it does is that it just hangs for about ten seconds and then says "connection lost" (timeout?)
I have tried other programs, they also timout.
By passing the -v argument to ssh it outputs:
Code:
When I try to connect the client it prints four more lines:
Code:
So as you see, it says that the connection times out..Also can anybody tell what the "Unspecified GSS failure." means? The possible break in attempt is caused by connecting to the server using the myserver.com address while being in the same local network with the server. If I connect using server's local ip address (ie. 192.168.1.xxx), the message dissappears.
I recently converted and .avi file to dvd .iso and when I try to play it in my dvd player. I get this message "playback prohibited by area limitations". I was wondering what does that mean and how do I get this movie to play.
I used to play with gw6c ( a client for tunnel broker ) It works well with fedora9 , fedora 10, but not with leonidas. my rpm is gw6c-6.0-0.4.beta4.fc9.i386.rpm ( a little old!) when I tried to install i have got this: libcrypto.so.7 est ncessaire pou w6c-6.0-0.4.beta4.fc9.i386 I try to make a soft link to libcrypto.so.0.9.8k, but nothing; The question :-Is there a solution for that pb - did you know a better client for non native ipv6 connectivity?
I'm trying to set up a secure web tunnel at home I have an Ubuntu box (desktop), a Mac, and a Windows 7 box. I use all of them for different reasons. I want to be able to route traffic from my browser through my Ubuntu box. I have done this before with proxy servers abroad, but I want to do it using ssh and my box at home so I don't have to pay for a service i.e (Secure Tunnel)etc.
I followed the instructions at http://bit.ly/hAnp6u. However, using my Win7 box, after I set the browser part per the instructions, I get no connection from the browser.
Is it possible to chain together multiple SSH tunnel hops in a single `ssh -L` command on the client side? I have two gateways I need to get through in order to access a remote host. For a normal SSH client connection, it's simple enough chain this all together by simply appending the additional SSH connection commands to the first one:Code: ssh gateway.1 ssh gateway.2 ssh remote.host.
I Need to make an SSL tunnel over SSH, I need to create exactly an SSL tunnel,I have a situation like that, I heared it is possible,but don't know how to create an SSL tunnel over SSH i am having putty installed on my pc,So i think i can use putty for this purpose, But i don't know how to do this.
I wanted to create an ssh tunnel but I do not know what commands to run .. my environment is as follows: LAN Internet Office LAN Home PC <-> Linux firewall <-> http server..
According to the above what I figure is that I have an internal web server at my job and I need to create a tunnel to access the web server from my PC in my home. I know I can do a port forwarding with the firewall but I don't want to publish this web server to Internet. My home PC and both servers (firewall and web) are ubuntu. My idea is create a ssh tunnel that forward port 8080 on localhost in my home pc, to the firewall (obviously with public ip), and the the firewall forward to port 80 on office web server at my job. Note that the firewall accepts ssh connections to port 22, same for web server...
i need possible direction on setting up a tunnel between 2 different network. The tunnel will be used by devices from the 2 different network to communicate with each other (for eg DevA and DevB).
DevA <-> Linux A <=====================> Linux B <-> DevB
My school network uses a http proxy to access the internet, but I am dubious about the security, and so I would like to use http inside ssh to keep my data secure. I don't really know where to start on this, so a step-by-step guide, or links to resources, would be helpful.
I'm trying to implement a routing short-cut solution, whose requirement is as following: server1(Linux) sends ip packets(destined to server3) to server2(Linux) via an ip tunnel between them, server2 forwards the ip tunnel's output (the inner ip packets) to server3. Each server has only one NIC and a public ip associated with it. All servers can communicate with each other. I'm sure the ip tunnel between server1 and server2 was configured correctly and worked well. server2's ip_forward was enabled too. On server2, I can capture the traffic on the ip tunnel interface, and they are originated from server1 and destined to server3. The problem is server2 does not forward the ip tunnel's output at all. On server2, I just run "echo 1 > /proc/sys/net/ipv4/ip_forward". Is there anything I missed for enabling ip_forward? Or originally, ip forward can't work on servers with only one NIC, can it?
I have 2 linux servers in different locations. I need to setup a ip tunnel. I follow this steps on both servers:
Server1: ip tunnel add tun0 mode ipip local IP_Server1 remote IP_Server2 dev ethX ip l s tun0 up ip a a 10.10.10.1 peer 10.10.10.2 dev tun0
Server2: ip tunnel add tun0 mode ipip local IP_Server2 remote IP_Server1 dev ethX ip l s tun0 up ip a a 10.10.10.2 peer 10.10.10.1 dev tun0
After creating the tunnel everything is ok, but after a time(maybe some hours), I can't ping the other end of the tunnel (ping to IP_Server1 and IP_Server2 is ok all the time; the connection to internet is very reliable). I have tried "ipip" and "gre" mode, but same result. If I ping from two servers the other end of the tunnel, the connection is again established for some hours and ping is working in both directions.(if I ping only from one side the ping is not working) How can I resolve this issue for no longer having to log on both servers to ping the other end of the tunnel? If I use an crondjob to ping the other end of the tunnel at 2 hours everything is working fine for weeks, but I need other solution.
However, I'd now like to put all the outgoing traffic through a remote system which will further handle the outgoing data (Squid, etc) via the PPPTP device. What would be the most efficient way by which I could achieve this?
I am building up a site-to-site OpenVPN tunnel between two locations. I am setting this up in two CentOS 5.4 boxes each containing two NIC's. I can get the tunnel up and running, and I can ping across the tunnel, however, from the client end of the tunnel I can not ping anything behind the server end of the tunnel. In other words, I can't ping anything on the server's LAN. On both servers, eth0 is the WAN side and eth1 is the LAN side.
OpenVPN server: eth1 - 10.10.202.2/24 OpenVPN client-server: eth1 - 192.168.204.1/24 I have IP forwarding enabled in the kernel on both machines. Code: [root@vpn01 openvpn]# cat /proc/sys/net/ipv4/ip_forward
[Code]...
I'm sure that the answer is right in front of me, but I can't seem to get it cleared up. I can't hit anything on the 192.168.1.0/24, 192.168.2.0/24, 10.10.4.0 or 10.10.202.0 networks from the client server.
Im trying to configure a GRE over IPSec connection between two subnets. The IPSec tunnel is opened and now I want to add a GRE tunnel over it.So, what I didn't understand is why I can't route my subnet over the tunnel, once the only route I have there says that it should route the tunnel IP over the GRE01 interface. Any hint? Thanks.
I have two firewalls, one primary (fw1) and one fall-back/backup (fw2). On the LAN side the fw's reside in the same LAN segment. I have a client who wants VPN redundancy. So I configured two VPN tunnels for this client. One via fw1 and a backup via fw2. Since the default gateway on the VPN server points to fw1 only the tunnel via fw1 is established. OpenVPN can't establish a tunnel via fw2 because of the gateway and just sits there waiting...
so i start it with ssh -f -R 4096:localhost:22 me@server.com and it comes up and someone can log in at the remote end. how do i close the tunnel from the initiating end ? netstat doesnt seem to identify my end of the tunnel , unless im looking for the wrong thing!
Browsing via SSH Tunnel very slow When browsing in firefox at work via proxy through ssh on my 8.04 server the speed is near dial up. I have compression enabled, tried restarting ssh, and rebooting the server but it remains so sluggish. At home the connection is quick but the speed is lost in translation once I ssh in. I also tried adding "UseDNS no" to the ssh config but that did not help with the slow login or any other speed issues.
�nani@jebe-kevu-ovaj-PC:~$ ssh -ND 999 nani@nani.homelinux.com Privileged ports can only be forwarded by root. nani@jebe-kevu-ovaj-PC:~$ sudo ssh -ND 999 nani@nani.homelinux.com
[code]....
which password is he looking for exacly ? user nani is main user at ubuntu after he asked me for password i typed my nani user password and i got in , after how you can see he ask me for onather password i tried the nani�s password but nothing is heppening ?
when my laptop connects to internet. I have placed the script in /etc/network/if-up.d/.The scripts is being run when it should, but the SSH-tunnel isn't created.I can however run the script manually, as root, and then the tunnel is created.
I have a server running Ubuntu Server 10.04 that is a VirtualBox/Samba/SSH server. I have port forwarding set up for ports 22 and 3389 (SSH and RDP) and I want to access the Samba share without opening any other ports. I can connect to it from my internal network, but I want to be able to access it from school. My best guess would be to tunnel the Samba port through SSH, but I don't know how. I will be connecting to it from Ubuntu 10.10 Desktop.
In the office I use firefox for my work items and chrome for my personal items. I currently use proxy switchy with chrome to browse through an ssh tunnel to my home server. The chrome/switchy part works fine.In order to do this I have to open a command window every morning and execute:ssh -p8181 -D 9999 user@myhomeserver.comThen the command window asks my password and I am up and running. (my ssh server at home is running on port 8181)Is there a way to script this so I don't have to open the command window and enter my password every day (and also to prevent a visible command window from being open and visible)
I set up a routed OpenVPN server. Everything works fine. But I'd like to route the DNS queries thru the tunnel too. So I added:
[Code]....
Can't find server name for address 10.8.0.1: Non-existent domain Even thou I have a DNS server set up correctly (on the same server as the VPN) with recursion. I verified that by sending queries form external source, which worked fine. I suspect that the Bind server doesn't listen to the tun0-interface only eth0, but the Bind manual says it should listen to all interfaces by default. The server log shows:
Code: named[9639]: client 10.8.0.10#3807: RFC 1918 response from Internet for 1.0.8.10.in-addr.arpa
How do I get these DNS queries to resolve thru the tunnel?
I use two Ubuntu machines, one at home and one at work. In order to connect to the machine at work from home I need to connect through a "tunnel server" that controls all the traffic to the machines at work.I am able to connect with ssh to the tunnel server and from the tunnel server ssh my own machine at work. My question is how do I retrieve files form my work machine to the home machine. How do I sync folders between the machines using rsync when the "tunnel server" is in between?
I don't understand the concept of ssh port forwarding and tunneling.I was going to set up a remote desktop (vnc) connection to my grandmother's laptop that we'll give her soon so if something goes wrong i can fix it from here (she lives on the other side of the world). However, i've read using vnc plain over the internet isn't secure, and that i can secure it by running it through an ssh tunnel.That's what i've understood so far. However, from there on i get confused.
I'd have to run both an ssh server AND a vnc server on her laptop? So what i'd have to do is ssh into her computer, and then while logged on on her computer, somehow open a vnc connection back from the remote server to the local computer? Then i'd go back to my local computer and open a port where the vnc connection is waiting? From the concept, it would seem like i should be able to tunnel all the regular network traffic from the local computer to the remote one through ssh?
I have my home network (connected to internet via VPN) and my "MS-based" work network (opened to internet via VPN). In windows I can easily create two VPN connections to enter my Work domain, but how can I do that in Linux? Network Manager allows only one VPN connection... The best way is to create pptp tunnel over configured in Network Manager ppp0. I've googled a lot but still didn't find any working example.
I'm new to iptable configuration. I've set up a VPN using DD-WRT on my router and it works fine. However the VPN company does not allow port 25 traffic (in case of spammers) so now I can't get my emails sent out.
I'm guessing I can add some rules to my iptable so that all traffic except port 25 traffic can go out through the VPN tunnel. And hopefully, all port 25 traffic will go out through the normal Internet connection.code...
