Server :: SSH Tunnel Forwarding With No Shell?
Jul 9, 2010
I am trying to have the SSH tunnel Remote forwarding command in a shell script. I should be able to do 2 tasks, but unable to get that going.1) I have 3 servers Server 1, Server 2, Server 3.I have my Database running on Server 1 and my script running on Server 2 which should be able to do port forwarding from Server 1 to Server 3.so for example on Server 2ssh -i $ssh_key -R 9000:Server1:3333 root@Server2.
I need to be able to stick this in a shell script something like
getTunnel()
{
[code]...
View 1 Replies
ADVERTISEMENT
Mar 18, 2010
I currently have a gui running on port 8000 on some of my remote servers, unfortunately i do not control the firewall so can not open that outbound port to access it from hereIs there a way with an ssh tunnel to redirect that to another port so i can access it from here?
View 2 Replies
View Related
Mar 12, 2011
I need a to allow a user to tunnel an ssh session but disallow them a bash shell. # chsh -s /sbin/nologin {username} won't cut it...? would permissions be the way to go with it? But how? Setup a group and add the user to that group? Or add all other users to that group... I'm confused
View 3 Replies
View Related
Jul 28, 2011
I don't understand the concept of ssh port forwarding and tunneling.I was going to set up a remote desktop (vnc) connection to my grandmother's laptop that we'll give her soon so if something goes wrong i can fix it from here (she lives on the other side of the world). However, i've read using vnc plain over the internet isn't secure, and that i can secure it by running it through an ssh tunnel.That's what i've understood so far. However, from there on i get confused.
I'd have to run both an ssh server AND a vnc server on her laptop? So what i'd have to do is ssh into her computer, and then while logged on on her computer, somehow open a vnc connection back from the remote server to the local computer? Then i'd go back to my local computer and open a port where the vnc connection is waiting? From the concept, it would seem like i should be able to tunnel all the regular network traffic from the local computer to the remote one through ssh?
View 4 Replies
View Related
May 25, 2011
I need create ssh forwarding to other linux box that works as a proxy.I have two linux boxes(centos 5.5), one in the office(server1) behind firewall, other at colocation(server2)server1 has squid proxy instaled on port 3128.i cant use server1 as a direct proxy from home because its behind firewall.iwas able to create ssh tunnel from server1 to server2 and when i log in to server2 ican ssh root@localhost -p 12312 to server1
what i need is configure server2 so it forwards port server2:3128 to server1:3128....and i could add server2 ip addres and port to firefox proxy's and access ofice network.
View 3 Replies
View Related
Feb 1, 2010
I was having trouble setting up a db connection from my local machine to a db server that was configured to only accept connections from machines behind its own subnet. I had trouble setting up a multiple hop tunnel for chaining port forwarding through my firewall machine on the same subnet as the db. My first attempt involved two port forwards, on localhost and on the firewall machine, which didn't work for me. This approach I found at URL... involved constructing an end to end connection to the db via the firewall machine.
View 2 Replies
View Related
Jul 21, 2011
I have an Ubuntu 11.04 instance running on Amazon EC2. I am currently using it as an SSH tunnel/SOCKS proxy. Most of my Net activity is on a Windows 7 machine running PuTTY. This setup is working very well. So well that a few of my friends have expressed interest in accessing it. Question is, how do I share this proxy, without giving away my private key and root access? I would like to limit users to only being able to set up an SSH tunnel/SOCKS proxy, with no shell access. What other security measures would you recommend for such a setup? I googled a bit and saw references to rbash and chroot. I have already changed the SSH port, and set the EC2 firewall to allow inbound SSH only from my ISP's address range. My friends use the same ISP. They would probably be running Windows 7/Vista, and PuTTY too.
View 4 Replies
View Related
Mar 1, 2010
I'm using Postgresql 8.4.2-2. I'm trying to remote into my server securely. I figure I could do so with ssh. Apparently I figured correctly, as per, [URL] and [URL] I setup the ssh tunnel. ssh -L 5432:serverip:5432 Then I setup pgadmin3 to connect as follows:
host: localhost
port: 5432
user: postgres
maintenance db: postgres
And I receive the following error:
An error has occurred: Quote: An error has occurred: Error connecting to the server: server closed the connection unexpectedly This probably means the server terminated abnormally before or while processing the request.
I'm not sure what the problem is. I can connect with Code: psql from the cli after connecting to the terminal via ssh. So I know that I'm using the correct password.
View 3 Replies
View Related
Jul 7, 2010
I'm working remotely at the minute, but have several 'incoming' automatic reverse shells connecting to a dedicated server. This dedicated server does not have X, but several of the 'incoming' shell servers do. Basically, take three machines, laptop, server, client. Laptop and client have X, server does not. All three machines have password-less logins to each other (laptop > server, server > client) and can password-lessly establish a shell.
I've tried ssh -X user@server "ssh -X user@client gui-application" and, no suprise, I'm getting 'Cannot open Display" messages. Does anyone know I nice one-liner for this kind of tunnelling?
View 3 Replies
View Related
Jan 15, 2010
I'm trying to tunnel and SSH connection through another server.for the tunnel is ran:ssh -L 8112:yy.yy.yy.yy:22 -N user@xx.xx.xx.xxBut when I try to ssh to localhost -p8112 I get an immediate error saying "exited: remote closed the connection
View 1 Replies
View Related
Apr 5, 2010
I am building up a site-to-site OpenVPN tunnel between two locations. I am setting this up in two CentOS 5.4 boxes each containing two NIC's. I can get the tunnel up and running, and I can ping across the tunnel, however, from the client end of the tunnel I can not ping anything behind the server end of the tunnel. In other words, I can't ping anything on the server's LAN. On both servers, eth0 is the WAN side and eth1 is the LAN side.
OpenVPN server:
eth1 - 10.10.202.2/24
OpenVPN client-server:
eth1 - 192.168.204.1/24
I have IP forwarding enabled in the kernel on both machines.
Code:
[root@vpn01 openvpn]# cat /proc/sys/net/ipv4/ip_forward
[Code]...
I'm sure that the answer is right in front of me, but I can't seem to get it cleared up. I can't hit anything on the 192.168.1.0/24, 192.168.2.0/24, 10.10.4.0 or 10.10.202.0 networks from the client server.
View 14 Replies
View Related
Jan 11, 2011
Does anyone know the best and simplest way to do this? I'd like the share to be mounted over the tunnel on boot with as little scripting as possible and be as secure as possible without exposing more than one port to the outside. I will be trying this method: [URL]... once the tunnel is established and 'always on' NFS would take care of the file system mount obviously. Lots of the information I have been reading is not up to date it seems. Does anyone have any experience with this?
View 1 Replies
View Related
Jul 19, 2011
I use two Ubuntu machines, one at home and one at work. In order to connect to the machine at work from home I need to connect through a "tunnel server" that controls all the traffic to the machines at work.I am able to connect with ssh to the tunnel server and from the tunnel server ssh my own machine at work. My question is how do I retrieve files form my work machine to the home machine. How do I sync folders between the machines using rsync when the "tunnel server" is in between?
View 3 Replies
View Related
May 20, 2010
I'm currently tunnelling to my Ubuntu pc at home from my laptop in order to bypass my schools false-positive prone filter. Is there a way to record traffic that both comes to and is delivered by my pc?
View 1 Replies
View Related
Jul 26, 2010
I am using ubuntu10.04-server 64bit AMD with fluxbox. After I ran Matlab in a shell (without GUI) the shell does not display characters anymore, but will execute any command, I just can't see the characters that I'm typing.. I use aterm and xterm, does anybody know why that is, am I missing a package?
View 1 Replies
View Related
Feb 28, 2011
We have following setup,
1. Webserver (Centos 5.5)
2. Mail server (Centos 5.5)
We have configured autossh successfully to create/manage the ssh tunnel into mail server in order to dump all emails to localhost port.
To auto start autossh in boot time we have included following into /etc/rc.d/rc.local,
Quote:
So whenever our web application wants to send out emails it dump all emails to localhost:33465 port, easy piecy, all are working great
Now we have a requirement that logwatch reports should get delivered via the same ssh tunnel rather than installing postfix and configuring as a relay.
In logwatch is there a way to achieve that?
View 4 Replies
View Related
Jun 7, 2011
When i try to open a connection to start querying i get this message:
Cannot Connect to Database Server
Cannot start SSH tunnel manager
1 Check that mysql is running on server 127.0.0.1
2 Check that mysql is running on port 3306 (note: 3306 is the default, but this can be changed)
3 Check the root has rights to connect to 127.0.0.1 from your address (mysql rights define what clients can connect to the server and from which machines)
4 Make sure you are both providing a password if needed and using the correct password for 127.0.0.1 connecting from the host address you're connecting from
View 2 Replies
View Related
Oct 21, 2010
my ftp (with SSL) server is behind firewall.
Code:81.81.81.81 FIREWALL (my external address) 192.168.1.5 - FTP server How to create portforwarding for such a configuration. I`m not interesting about iptables rules. I would like to know which port should I redirect and how ? FTP server usualy using 20 and 21. What about VSFTPD with SSL ? Also 20 and 21 ?
View 1 Replies
View Related
Feb 3, 2010
I have two PC's, one with slackware and one with arch, and I am trying to access the web server from the archlinux machine but i haven't manage to do that. The archlinux machine is connect to the internet via the slackware machine via a crossover cable:
internet > eth0 (pc1) and ppp0 (the PPPoE connection, pc1) > eth1 (pc1) > eth0 (pc2)
PC1:
ifconfig eth1 192.168.0.1 netmask 255.255.255.0
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -A FORWARD -i ppp0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o ppp0 -j ACCEPT
pc2:
ifconfig eth0 192.168.0.2 netmask 255.255.255.0
ifconfig eth0 up
route add default gw 192.168.0.1 eth0
/etc/resolv.conf (The same DNS as the first PC)
And now the internet is working and on the archlinux machine, but I am not able to access the web server from LAN with a public IP. I tried many iptables port forwarding commands but none worked.
View 14 Replies
View Related
Jan 6, 2010
Pre-exsisting issue from 9.04 server, and has never worked right for me. When I try to open an X11 forwarded app on a mac using the command "ssh -X myusername@serverIP" Other linux machines have similar issues from terminal. I can login just fine and preform any actions I want that do not require X11 forwarding, like say firefox or a manager. I just get the error "Error: no display specified" when trying to do anything with X11 forwarding. I have almost no Linux experience but from tinkering and my friends tinkering wonder if I have a x authority issue.
At one point I had ubuntu desktop package installed (forwarding still did not work then), did a unclean uninstall of it installed Xubuntu. Xubuntu did nothing but throw fits saying I did not have authority to preform all sorts of actions, many relating to root access. This box is meant to be a headless file, print and web server with the ability to login remotely as a convince for administration. I have given up on having a working GUI of any kind on this box. I really do not want to reinstall because of the amount of data on the main partition. What can I start trying to look into?
View 1 Replies
View Related
Feb 20, 2010
This should be easy but for some reason its not working. I don't have admin rights on one of my local networks to open the firewall for port 80 to make my server accessible remotely (from the internet). I have a remote server (OpenVZ VPS) and I want to port forward so that [url]:8080 will point to my localhost:80 from the internet itself (i can get it to work on the remote VPS server's local network)...
How could I accomplish this? Basically, I am trying to serve webpages from behind a firewall using a VPS as a hub.
View 4 Replies
View Related
May 22, 2010
I have set up 10.04 server, got userdir working (/home/username/public_html) so I can access it with h ttp://myipaddress/~username. What do I need to do to get mydomain.com to point to http://myipaddress/~username?
View 9 Replies
View Related
Dec 13, 2010
We have a Ubuntu system that is connected to 4 different networks.
Code:
eth0: 192.168.12.9
eth1: 192.168.2.142
[code]....
View 4 Replies
View Related
Jan 18, 2010
I am setting up a new server with 2 nics installed. Nic0 goes to the firewall and nic1 goes to the internal engineering network.
Problem is Ip forwarding is not working!
Particulars:
Server Name - slick
Firewall Name - gateone
engineering node - crooked
Routing on slick:
From crooked ( which is inside the server (slick) with an ip address of xx.xx.221.249 the only way I can ping or anything outside of the firewall ( gateone) is to turn on IPtables with this configuration:
I don't want to use IPtables. I need the ip forwarding to work.
View 6 Replies
View Related
Mar 26, 2010
I have the following setup and Im trying to forward all incoming connection on port 1194 on eth2 which is the external network to ip 192.168.10.100, but seems its not working.
Current config:
# Generated by iptables-save v1.3.8 on Sun Nov 16 00:00:54 2008
*nat
:PREROUTING ACCEPT [26751696:2175544875]
:POSTROUTING ACCEPT [339911:19096812]
[code]....
plus im adding the prerouting:
iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 1194 -j DNAT --to-destination 192.168.10.100
This configuration doesnt work. I also I have tried:
iptables -D PREROUTING -t nat -p tcp -d XX.XX.XX.XX --dport 1194 -m state --state NEW,ESTABLISHED,RELATED -j DNAT --to 192.168.10.100:1194
and the same its not working. Connecting thru telnet to the domain: telnet mydomain.org 1194 doesnt work, but within the server, running telnet 192.168.10.100 1194 it works.
View 8 Replies
View Related
Jan 26, 2010
How do I automatically forward mail to a different user on a different machine in my LAN? I have been beating my head for several hours trying to accomplish this. I have sendmail configured as an MTA solely to receive system mail from daemons. For my personal mail I just use KMail and POP. I want all mail on any system in my LAN to forward mail to my office system, where my normal account can receive the messages. Although my office machine is powered on the most often, the box is not available 24/7.
So any other system that can't immediately forward mail should keep that mail queued as long as necessary. I have no problem forwarding root's mail on each local machine to a local user account on that same machine. I have been able to forward the mails but not the way I want. The mails get forwarded to the local /var/mail/me location rather than into the remote office machine /var/mail/me. Adding another alias in the local /etc/mail/aliases has no effect.
Creating ~/.forward in the local user's home directory also has no effect. Both efforts always result in the mails being forwarded to the local location rather than remote. I can send user-to-user email to and from any machine on my LAN. There are no network problems between any machine. Basic forwarding does work, just not to a remote machine at a different account. I won't pretend to know much about mail systems, let alone sendmail.
View 6 Replies
View Related
Jul 29, 2011
i need to setup port forwarding on my server (i have it running ubuntu 11.04 desktop) so i can host a minecraft server.
View 1 Replies
View Related
May 25, 2010
I was able to do on Debian and Ubuntu Servers X applications running on remote servers where I was able to login via SSH. Tried the same with CentOS did not worked. in /etc/ssh/sshd_config
[Code]....
View 1 Replies
View Related
Nov 24, 2009
My X crashes when I...
1) ssh to a remote centos server using X11 forwarding
2) open the virt-manager remote application (the virtualization management app)
3) Open the remote console
Just to be clear, my local X11 crashes. I get back to the log in screen.
I get in my Xorg log:
Backtrace:
Fatal server error:
-Is this enough for a bug report?
-How I can make X dump a core file for better debugging?
-Do -debug RPM packages still exist, and if so, should I install one for the X server and will this help with debugging, and if so, how do I install it.
View 5 Replies
View Related
Jul 9, 2010
Here's my (admittedly complex) situation:
I set up a dynamic DNS address for my home network. Let's call it [URL]. Then I set up one of my machines with a bind9 DNS server and pointed my router's DNS setting to it. I did this so that I could resolve awesome.server.com from machines inside my network and have them correctly find my server. Then I set up a second machine to serve web pages using [URL]. I did this by forwarding port 9200 on my router to port 80 on that machine. This works, but of course, it only works from outside my network.
What is the best way to get [URL] to work from inside my network?
I've tried setting up the iptables on my server to forward that port, but it just times out. I used these rules that I found by searching the internet:
Code:
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 9200 -j DNAT --to 192.168.0.300:80
iptables -A INPUT -p tcp -m state --state NEW --dport 9200 -i eth1 -j ACCEPT
However, those rules might be failing because they are intended to forward ports requested from outside the network. I must admit, this iptables stuff is way, way over my head. Is there a different method that I must use to make it work inside my network? Or is there a better way besides iptables?
View 1 Replies
View Related
