I'm trying to run a script to execute the command
Code:
ssh -D port host
when my laptop connects to internet. I have placed the script in /etc/network/if-up.d/.The scripts is being run when it should, but the SSH-tunnel isn't created.I can however run the script manually, as root, and then the tunnel is created.
I Need to make an SSL tunnel over SSH, I need to create exactly an SSL tunnel,I have a situation like that, I heared it is possible,but don't know how to create an SSL tunnel over SSH i am having putty installed on my pc,So i think i can use putty for this purpose, But i don't know how to do this.
View 1 Replies View RelatedI wanted to create an ssh tunnel but I do not know what commands to run .. my environment is as follows:
LAN Internet Office LAN
Home PC <-> Linux firewall <-> http server..
According to the above what I figure is that I have an internal web server at my job and I need to create a tunnel to access the web server from my PC in my home. I know I can do a port forwarding with the firewall but I don't want to publish this web server to Internet. My home PC and both servers (firewall and web) are ubuntu. My idea is create a ssh tunnel that forward port 8080 on localhost in my home pc, to the firewall (obviously with public ip), and the the firewall forward to port 80 on office web server at my job. Note that the firewall accepts ssh connections to port 22, same for web server...
i need possible direction on setting up a tunnel between 2 different network. The tunnel will be used by devices from the 2 different network to communicate with each other (for eg DevA and DevB).
DevA <-> Linux A <=====================> Linux B <-> DevB
I'm trying to create EoIP interface on ubuntu so i can create a simple tunnel to my mikrotik router. Is there anyone know how or even done that? If EoIP is not possible, is there any other simple way?
I had already read and thought about doing it with OpenVPN, but when I read the community documentation for OpenVPN on ubuntu 10.10, I fear it won't connect the tunnel to mikrotik OpenVPN server, since OpenVPN on ubuntu uses 2 certificate and 2 key files(as i read on the docs), but mikrotik configuration, i can see only 1 certificate can be applied on. This confuses me and make me decide to use EoIP(but i can't find any tutorial/docs about it). I don't actually need the encryption and security, i just need to create a tunnel for ubuntu and mikrotik.
I'm looking for a tutorial on how to create a simple pppd tunnel between two machines. I've found alot of tutorials about pppd over ssh (using the pty option) but for the purpose I just want a simple pppd tunnel.
Specs
host 1: lan ip 10.101.10.20 running slackware 13.0
host 2: lan ip 10.101.10.21 running slackware 13.1
Just give you the background:1) Let's call the two machines, Box A and Box B.2) OpenSSH is running on both machines.3) Key based authentication is setup between two users on these two machines, and both can login into the other with: "ssh user@host" with no problems at all.4) I'm also port tunnelling over SSH to encrypt some traffic between the two machines: "ssh -f -N -L 1000:HOSTNAME:1000 user@HOSTNAME"I can obviously then use "localhost:1000" to connect Box A to port 1000 on Box B securely.However ... and this is my problem ... I want this port tunnelling connection to be automatic when I boot the machine, e.g. "Presession" and "before" a user logs in.I tried adding to gdm/PreSession/Default: "ssh -f -N -L 1000:HOSTNAME:1000 user@HOSTNAME"But the problem then is because the user is not *logged in* at this stage, it can't use the user's private key to connect to the server, and hence can't automatically create the connection.How do I get Box A to automatically create a tunnel over a port to Box B, without any intervention from me, *prior* to any users logging in?
View 2 Replies View RelatedJust give you the background:1) Let's call the two machines, Box A and Box B.2) OpenSSH is running on both machines.3) Key based authentication is setup between two users on these two machines, and both can login into the other with no problems at all.4) I'm also port tunnelling over SSH to encrypt some traffic between the two machines. (I did have the port tunnelling code here, but this forum won't let me post URL ).I can obviously then forward port 1000 on Box A to port 1000 on Box B, securely.However ... and this is my problem ... I want this port tunnelling connection to be automatic whenoot the machine, e.g. Presession" and "before" a user logs in.I tried adding the tunnel command to gdm/PreSession/Default, but the problem then is because the user is not *logged in* at this stage, it can't use the user's private key to connect to the server, and hence can't automatically create the connection.
View 1 Replies View RelatedMachine A is located behind client firewall. The machine runs telnetd. This is Linux machine with Python 2.5.4 installed. I do not know the IP addy of the router and firewall is not open incoming. outgoing firewall is open.
Machine B (Windows machine) is a server with well known IP address. I can install any programs I want on either machine.
The idea is that I want Machine A to open a socket to machine B. Then I want to hold that socket and use to run a telnet session from Machine B to Machine A telnetd server.
I have an security cam with a built-in webpage inside my home network. That camera is using basic HTTP authentication instead of SSL. I want to be able to access the camera's webpage from outside my network, but I don't want to open an unencrypted video stream to the outside world. Right now, I'm doing some cumbersome ssh tunneling where I bounce off an ssh server like: ssh -N -L 9090:[URl]..and then I connect to my web page like: http://localhost:9090
But this is a pain. Now, gentle reader, I beseech you to tell me how I can use linux (Ubuntu) to get a fully encrypted SSL connection to my internal web page without the hassle of creating an ssh tunnel each time. I believe I can use stunnel, but I'm not sure of the command.
so i start it with ssh -f -R 4096:localhost:22 me@server.com and it comes up and someone can log in at the remote end. how do i close the tunnel from the initiating end ? netstat doesnt seem to identify my end of the tunnel , unless im looking for the wrong thing!
View 1 Replies View RelatedBrowsing via SSH Tunnel very slow When browsing in firefox at work via proxy through ssh on my 8.04 server the speed is near dial up. I have compression enabled, tried restarting ssh, and rebooting the server but it remains so sluggish. At home the connection is quick but the speed is lost in translation once I ssh in. I also tried adding "UseDNS no" to the ssh config but that did not help with the slow login or any other speed issues.
View 5 Replies View RelatedI tried this :
Quote:
ssh -ND 9999 username@home_router_ip_address
and this is output :
�nani@jebe-kevu-ovaj-PC:~$ ssh -ND 999 nani@nani.homelinux.com
Privileged ports can only be forwarded by root.
nani@jebe-kevu-ovaj-PC:~$ sudo ssh -ND 999 nani@nani.homelinux.com
[code]....
which password is he looking for exacly ? user nani is main user at ubuntu after he asked me for password i typed my nani user password and i got in , after how you can see he ask me for onather password i tried the nani�s password but nothing is heppening ?
I have a server running Ubuntu Server 10.04 that is a VirtualBox/Samba/SSH server. I have port forwarding set up for ports 22 and 3389 (SSH and RDP) and I want to access the Samba share without opening any other ports. I can connect to it from my internal network, but I want to be able to access it from school. My best guess would be to tunnel the Samba port through SSH, but I don't know how. I will be connecting to it from Ubuntu 10.10 Desktop.
View 9 Replies View RelatedIn the office I use firefox for my work items and chrome for my personal items. I currently use proxy switchy with chrome to browse through an ssh tunnel to my home server. The chrome/switchy part works fine.In order to do this I have to open a command window every morning and execute:ssh -p8181 -D 9999 user@myhomeserver.comThen the command window asks my password and I am up and running. (my ssh server at home is running on port 8181)Is there a way to script this so I don't have to open the command window and enter my password every day (and also to prevent a visible command window from being open and visible)
View 1 Replies View RelatedI set up a routed OpenVPN server. Everything works fine. But I'd like to route the DNS queries thru the tunnel too. So I added:
[Code]....
Can't find server name for address 10.8.0.1: Non-existent domain Even thou I have a DNS server set up correctly (on the same server as the VPN) with recursion. I verified that by sending queries form external source, which worked fine. I suspect that the Bind server doesn't listen to the tun0-interface only eth0, but the Bind manual says it should listen to all interfaces by default. The server log shows:
Code:
named[9639]: client 10.8.0.10#3807: RFC 1918 response from Internet for 1.0.8.10.in-addr.arpa
How do I get these DNS queries to resolve thru the tunnel?
I use two Ubuntu machines, one at home and one at work. In order to connect to the machine at work from home I need to connect through a "tunnel server" that controls all the traffic to the machines at work.I am able to connect with ssh to the tunnel server and from the tunnel server ssh my own machine at work. My question is how do I retrieve files form my work machine to the home machine. How do I sync folders between the machines using rsync when the "tunnel server" is in between?
View 3 Replies View RelatedI don't understand the concept of ssh port forwarding and tunneling.I was going to set up a remote desktop (vnc) connection to my grandmother's laptop that we'll give her soon so if something goes wrong i can fix it from here (she lives on the other side of the world). However, i've read using vnc plain over the internet isn't secure, and that i can secure it by running it through an ssh tunnel.That's what i've understood so far. However, from there on i get confused.
I'd have to run both an ssh server AND a vnc server on her laptop? So what i'd have to do is ssh into her computer, and then while logged on on her computer, somehow open a vnc connection back from the remote server to the local computer? Then i'd go back to my local computer and open a port where the vnc connection is waiting? From the concept, it would seem like i should be able to tunnel all the regular network traffic from the local computer to the remote one through ssh?
I am currently running 64-bit Windows 7 from my home laptop and I would like to establish an SSH reverse tunnel to my laptop from my work Ubuntu 64-bit machine. I have been reading many "tutorials" that have led me nowhere and I feel as though I'm chasing my tail now. I have done the following on my Ubuntu machine:
Code:
ssh -R 19999:localhost:22 laptop_ip
and on my Windows machine, using putty, did the following:
Code:
Host Name: host_IP
[Code]...
I am able to access my Ubuntu machine when on my work network but there I have been unsuccessful when it comes to trying to remotely access it. I have tried everything that I can think of (though I am a novice). If there is any help/suggestions/ideas that could help, please let me know and don't hesitate to ask for more info!
p.s. I would also like to enable x-forwarding, but for now I would like to have remote access to the Ubuntu machine.
I'm trying to create a VPN through SSH but encounter the following:
Code:
[18:42:11]root@bronzhip:/home/casey# sudo ssh -w 0:0 97.**.***.221 -i VPN
channel 0: open failed: administratively prohibited: open failed
[code]....
I'm trying to set up a secure web tunnel at home I have an Ubuntu box (desktop), a Mac, and a Windows 7 box. I use all of them for different reasons. I want to be able to route traffic from my browser through my Ubuntu box. I have done this before with proxy servers abroad, but I want to do it using ssh and my box at home so I don't have to pay for a service i.e (Secure Tunnel)etc.
I followed the instructions at http://bit.ly/hAnp6u. However, using my Win7 box, after I set the browser part per the instructions, I get no connection from the browser.
Is it possible to chain together multiple SSH tunnel hops in a single `ssh -L` command on the client side? I have two gateways I need to get through in order to access a remote host. For a normal SSH client connection, it's simple enough chain this all together by simply appending the additional SSH connection commands to the first one:Code: ssh gateway.1 ssh gateway.2 ssh remote.host.
View 6 Replies View RelatedI run Ubuntu 9.10 locally connecting to CentOS5 on a remote server.When I run the following command in the Terminal;ssh -v -L 10005:localhost:10000 root@remote_ip_address -F ~/.ssh_config -i ~/.ssh/private_key_file_nameafter 'Authentication succeeded (publickey)' I get the following for channel 1;sys_tun_open: failed to open tunnel control interface:Permission deniedhowever, it does open an interactive client-session on channel 2 and my browser will then connect (via URL localhost:10005) to Webmin on the remote server which is the object of the exercise.However, because sys_tun_open failed, I am concerned that the transactions may not be encrypted as I understand they would be in proper tunnelling
View 4 Replies View RelatedMy friend has a server with 2 ips, 1 primary and 1 secondary/failover. He has given me a shell account and I want to use ssh to route my home http traffic through it like a socks proxy. I connect to his server using the secondary ip like this:
ssh me@secondary_ip -p port -D forwarding_port
It builds a proxy, however it uses the primary ip of the server, not the secondary ip that I logged in with. When using irssi I've bound it to the secondary ip with no problem. If I try to use the -b flag I get the error: cannot bind: Cannot assign requested address.
how I can bind the ssh tunnel to the secondary ip?
I am using 10.04 ubuntu and I have forgotten my password to login to a ssh tunnel. It is not the root password on my computer. Is there any way I can find the password out, change it, or just start over and create a new one? I know it isn't a connection problem because I can't login to ssh from localhost either. I've tried reinstalling ssh too.
View 3 Replies View RelatedI am trying to establish a tunnel from my ubuntu machine 9.10 using miredo package. After installation I wanted to ping an ipv6 address and I get this error:
Address unreachable, destination unreachable
However, when I ping ipv6.google.com I have no problem.
I have a headless server, running Fedora 13. I want to make a ssh tunnel to that server from laptop that is also running Fedora 13. Logging into that server over ssh works well, X11 forwarding also works, but I can't establish a ssh tunnel.
At the moment I was trying to connect two small python tcp sample programs, that communicate through port 8000. Running them both on my laptop works well.
What I am trying to do is that I am making two seperate ssh connections to my server, let's say it's address is myserver.com.
1) I make a 'standard' ssh connection to it
Code:
And run the server program
2) I open another terminal window and make the tunnel
Code:
3) I open 3rd terminal window and try to run the client program, that is trying to connect to localhost:8000.
If I understand it correctly, the client should now connect to localhost:8000, ssh would discover that and send that data to myserver.com port 8000. Then the server program on myserver.com is listening on that port and should get that data and send "hello world" string back to the client. Then the client should get that, print it to stdout and exit.
Unfortunatly all what it does is that it just hangs for about ten seconds and then says "connection lost" (timeout?)
I have tried other programs, they also timout.
By passing the -v argument to ssh it outputs:
Code:
When I try to connect the client it prints four more lines:
Code:
So as you see, it says that the connection times out..Also can anybody tell what the "Unspecified GSS failure." means? The possible break in attempt is caused by connecting to the server using the myserver.com address while being in the same local network with the server. If I connect using server's local ip address (ie. 192.168.1.xxx), the message dissappears.
My school network uses a http proxy to access the internet, but I am dubious about the security, and so I would like to use http inside ssh to keep my data secure. I don't really know where to start on this, so a step-by-step guide, or links to resources, would be helpful.
View 2 Replies View RelatedI'm trying to implement a routing short-cut solution, whose requirement is as following: server1(Linux) sends ip packets(destined to server3) to server2(Linux) via an ip tunnel between them, server2 forwards the ip tunnel's output (the inner ip packets) to server3. Each server has only one NIC and a public ip associated with it. All servers can communicate with each other. I'm sure the ip tunnel between server1 and server2 was configured correctly and worked well. server2's ip_forward was enabled too. On server2, I can capture the traffic on the ip tunnel interface, and they are originated from server1 and destined to server3. The problem is server2 does not forward the ip tunnel's output at all. On server2, I just run "echo 1 > /proc/sys/net/ipv4/ip_forward". Is there anything I missed for enabling ip_forward? Or originally, ip forward can't work on servers with only one NIC, can it?
View 3 Replies View RelatedI have 2 linux servers in different locations. I need to setup a ip tunnel. I follow this steps on both servers:
Server1: ip tunnel add tun0 mode ipip local IP_Server1 remote IP_Server2 dev ethX ip l s tun0 up ip a a 10.10.10.1 peer 10.10.10.2 dev tun0
Server2: ip tunnel add tun0 mode ipip local IP_Server2 remote IP_Server1 dev ethX ip l s tun0 up ip a a 10.10.10.2 peer 10.10.10.1 dev tun0
After creating the tunnel everything is ok, but after a time(maybe some hours), I can't ping the other end of the tunnel (ping to IP_Server1 and IP_Server2 is ok all the time; the connection to internet is very reliable). I have tried "ipip" and "gre" mode, but same result. If I ping from two servers the other end of the tunnel, the connection is again established for some hours and ping is working in both directions.(if I ping only from one side the ping is not working) How can I resolve this issue for no longer having to log on both servers to ping the other end of the tunnel? If I use an crondjob to ping the other end of the tunnel at 2 hours everything is working fine for weeks, but I need other solution.