Ubuntu Servers :: SSH Tunneling Only
Feb 1, 2011
I currently have SSH set up on my network and facing outwards so that I can use my private key to authenticate and remotely administrate my server along with the ability to use SSH tunnels when needed to encrypt my traffic. However, I want to be able to give a friend access and use my server as a SSH tunnel, I do not want him to be able to execute any commands or write any files, just to create an SSH tunnel. Although it would not be too much of a large issue if he could write to his own home directory, I just want to ensure that he isn't able to browse around the whole file system and keep it as simple as possible.
View 9 Replies
ADVERTISEMENT
Mar 28, 2010
I have a local computer (local), and remote computer (remote) behind of remote server (server). Also, I have user access to all of these 3 machines. Now, I want mount some directory, located at remote, to my local mount-point via sshfs. How should I setup my local sshfs and what should be done on server to make this mounting?
I'm stuck with ssh tunneling because the default method for tunneling requires root access while WinSCP somehow could do this with only user access (the tunnel server could be configured there in 'tunnel' panel).
View 5 Replies
View Related
Oct 7, 2010
I need to allow connection to some users on a servers with key authentication so that they can setup a tunnel to access a web application. But I don't wan't them to have a access to a shell.
View 5 Replies
View Related
Jan 29, 2010
I'm having trouble ssh tunneling through two servers to get to my database. Server3 is restricted to all except from server2 and I'm at server1. So on server2 i do ssh -L1434:server2:1435 -l user server2 - this works i'm able to connect to the db on server3 from server2. But on server3 i'm trying to ssh -L1433:server2:1434 -l user server2
- and I get 'connection refused'. I tried telnet server2 1434 from server3 and i get 'connnection refused'. I checked the firewall is open on server 2 - firestarter confirms that port 1434 is open to everyone. I'm not sure what I'm doing wrong, but I have a hunch that maybe firestarter on server2 is not working correctly, because it also shows that port 22 is open to everyone and I can telnet server2 22 and I'm able to connect.
View 2 Replies
View Related
Mar 7, 2011
I tend to not use webmin, but there's just some things I dont want to deal with via command line. I know that having Webmin require an SSH tunnel is possible, but i'm not sure how to approach it.
View 1 Replies
View Related
Feb 2, 2011
I want to be able to SSH into my computer that I can't expose port 22 on. I've tried the ssh -R ... several times, but can't manage to make it work.I have my home computer (want to SSH into), server (can SSH into), and some computer I want to SSH from.Do I need to install the sshd on the machine I want to SSH into? What are the commands I need to enter to forward from my server to my home computer?
View 1 Replies
View Related
Mar 14, 2011
I am trying to tunnel through my college's free AP so I can get access to protocols outside of http and https. The school has an in-browser DNS redirect until you log in.The output of "cat /proc/version" on the server OS is "Linux version 2.6.35-27-generic (buildd@palmer) (gcc version 4.4.5 (Ubuntu/Linar o 4.4.4-14ubuntu5) ) #48-Ubuntu SMP Tue Feb 22 20:25:29 UTC 2011" The client OS is Windows 7. What I have done so far is use Proxy Cap to redirect applications to a Putty tunnel connected to the server. Eventually I want to tunnel that SSH connection through my school's firewall, so that I can keep encryption and have a reasonable amount of ease with setup.
I am not particularly educated on the inner workings of the DNS redirecting so I was not sure what to search for. My attempts to connect Firefox over normal http proxies failed and since all ports are blocked besides http and https I didn't attempt any socks or SSH. I have also tried simply hosting the SSH server on http ports with little success. I hope that I can do this without having to purchase a domain, but that's starting to seem like that won't be the case.
View 8 Replies
View Related
Mar 23, 2010
I am currently setting up a old box to serve as a general, quality router/fileserver that should give me fine control over my network traffic. This router will serve as the bridge between several local users and the Internet, along with quite a few machines.Traffic is expected to be heavy, in the sense of multiple powerusers using the Internet to the fullest, not from one machine doing anything insane like Torrenting. The connection profile will reflects lots of up and down, not necessarily a huge number of persistent connections.Due to security concerns, the need to build an encrypted tunnel between a SoHo LAN and a dedicated server is unescapable. I'm trying to determine whether I can pull this off with a simple SSH tunnel on the box serving as the local router, or if a VPN (either PPTP or L2TP) is a more appropriate solution.Proxying won't work, because not all apps can easily be socksified across the Windows, GNU/Linux, and OSX platforms that the users will need. For this reason, I have to pull this off strictly at the router level.
I'm not all that familiar with the specific details of each protocol's performance as far as their latency, efficiency, overhead, and fault-tolerance are concerned. I'm less concerned with a protocol taking up CPU as I am with useless bytes and latency it might be introducing to the link. I don't know the low-level nitty gritty of how each protocol encapsulates its traffic.If there is an existing package for this, it would be great, but at this point I'm simply trying to figure out which protocol is more appropriate before I begin digging in the wrong direction. The biggest concern, of course, is that the chosen protocol aggressively re-establish sessions should the connection suddenly drop, which will be a concern given the SoHo line I'll have to work with. The actual outbound server is no concern, as it has four cores and a Gbps line.
View 1 Replies
View Related
Jul 15, 2010
I am useing bshellz and i want to know how do i setup ssh tunneling in firefox when i am surfing the web.I newbie when it come to ssh tunneling.
View 3 Replies
View Related
Nov 3, 2010
In windows if I want to do split tunneling, I just uncheck the Use as Default Gateway Box as seen here URL...In Ubuntu, I went to my VPN connection, IPv4 settings, routes..., checked "Use this connection only for resources on its network".And I could no longer ssh into machines on campus.
View 1 Replies
View Related
Feb 20, 2011
I want to tunnel X apps to windows with PuTTY. I have the following in my sshd_config:
Code:
X11Forwarding yes
X11DisplayOffset 10
[code]....
View 4 Replies
View Related
Mar 6, 2011
I am a linux beginner and dont know that much about networks! I have access to a linux VM. The machine is remote and i access via putty. If i can access this machine via SSH and putty, is there any reason why i should not be able to use ssh tunnelling to connect to a vnc server?
I don't know the details of the server and what firewall is set up but i believe that tunnelling uses port forwarding over the ssh connection that is already set up. Where does the port forwarding actually occur? At the actual linux VM or on the router the VM is connected to?
View 1 Replies
View Related
Jul 14, 2011
I have a machine called ic that I can ssh to. There is another machine, fw, that is on a completely different VLAN, and I cannot talk to it. ic is on both my VLAN and the VLAN that fw uses, and so my usual procedure for sshing to fw is to ssh into ic and from there ssh into fw. If I wanted to script this action, however, how could I get it to work?
I tried ssh root@ic "ssh root@fw", but this results in the message Pseudo-terminal will not be allocated because stdin is not a terminal, and then I get three messages from fw, presumably because it has null input:
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password).
View 1 Replies
View Related
Feb 27, 2011
I am trying to setup a version of OzymanDNS but am not quite sure I am understanding part of the instructions found here.My domain/website is hosted with a web hosting company, using their name servers. I have added a sub domain [URL], using an A record to send any requests for [URL] to my home IP address, where I have a server running. Do I need to also add the code below to my server at home which has BIND installed or are the instructions expecting that I have full control of the main name server already?
Code:
tunnel.example.com. IN NS www.example.com.
www.example.com. IN A 123.123.123.123
View 2 Replies
View Related
Feb 16, 2010
I am attempting to set up a VNC with ssh tunneling for remote desktop between my laptop (opensuse 11.2) and my desktop (kubuntu karmic) and using the instructions here: [URL] and here: [URL] but I am having trouble getting remote desktop to work once I establish the ssh tunnel
I start out with
Code:
ssh <user@remotepc> -p <non22port> -L 5900:localhost:5900
That seems to wok and connect properly
The problem comes when I try to use a remote desktop client on the laptop to initiate the VPN desktop sharing and point it to
Code:
localhost:5900
Thats when I get a notification on the host saying:
Code:
Refused uninvited connection attempt from 127.0.0.1
And on the laptop I get:
Code:
VNC server closed connection
I have tried messing with the few settings in Krfb, but none seem to have any impact. How do I open localhost:5900 and allow VPN tunneling to the host machine?
View 2 Replies
View Related
Aug 4, 2010
I am on Linux on machine LOCAL (my notebook).I ssh into a company machine REMOTE which is behind a firewall and ONLY allows incoming ssh connections (port 22), no outbound connections whatsoever. I do have full root access on both, LOCAL and REMOTE, REMOTE is however a VPS and behind a hardware firewall.I now need network access on REMOTE (HTTP and other protocols) for downloading and building some software. I also need to access to NON HTTP protocols such as git.
I was hoping to set up a reverse SSH tunnel for using my LOCAL machine, where I could be running a socks server. So that network access on REMOTE would be redirected over the SSH tunnel to a socks server running on machine LOCAL.How would I go about setting something like this up?
View 2 Replies
View Related
Feb 28, 2011
There is an udp video stream accessible only on the local network, but I need to access it outside of the network. I have Linux machine (multiple actually) with root access.There is a small utility that makes the stream accessible on the local machine on port 1234.
./ping -h streamserver -p 1234
If I run it I can access the stream using vlc or mplayer.
mplayer udp://@:1234
vlc udp://@:1234
Now, I'm trying to create a port foward from my remote machine and access the port, but it is failing.
ssh me@machine -L 1234:127.0.0.1:1234
View 1 Replies
View Related
Feb 24, 2010
I have been ssh tunneling, which works great.I can browse the internet by simply tunneling my traffic through my SSH server.the following command: ssh -ND 9999 username at myserver.i cant postlinks.is all I have type, and I can connect to a SOCKS proxy server on localhost:9999.My problem is that I have an application that only supports HTTP proxies.Is there any way I can get it tunneling over the socks proxy?
View 4 Replies
View Related
Jul 3, 2010
I bought a mlb.tv to watch baseball game online and they have blackout for local teams. I try to use proxy sock to bypass the blackout, but for some reason they know my location because I'm getting blackout. I check to see if they were just checking for proxies and I went and I try to watch other games not in my area and I was able to watch it. I use this command on the ssh client "ssh -D 9090 user@domain.com" and I change the setting on my network. I do a ip lookup and the ip address is from the server location. I dont want you guys to tell how to bypass, I just want to understand how they know my location.
View 1 Replies
View Related
May 7, 2011
I am trying to use the ssh reverse tunneling through the command
Code:
ssh -l login -p port <ip address> -R <remote port>:<local Ip>:<local port>
In order to enable some one in the remote host to connect my machine. through the command
Code:
ssh 127.0.0.1:<remote port>
However when I try to execute the first ssh command above I got the warnning
Code:
Warinning: remote port forwarding failed for listen port <remote port>
The problem always happens when the remote host I have tried to connect is my Fedora 14 machine. I can do that when using an Ubuntu as the remote host.
View 9 Replies
View Related
Sep 23, 2010
When I try to create a network tunnel, I get ioctl: no such device returned by the terminal. Which modules do I need to ad with insmod to enable tunneling?
View 2 Replies
View Related
Jun 20, 2010
I'm looking for a way to tunnel the internet connection of my Ubuntu VPN server to the remote client.The server is running Ubuntu Server 9.04 64-bit, and has a fully functional installation of Poptop and Squid. Is there a way I can get internet requests from the VPN client to tunnel over the VPN and be connected through Squid? I'd think this would be a iptables thing, but I'm not sure.
View 5 Replies
View Related
Jan 22, 2010
I have a server with a /data/ directory, everything in the /data/ folder has "-rwxrw-rw- 1 root root" permissions.all works fine, multiple users are mounting this over a lan and everyone is able to modify files. However I would like to be able to access the /data/music/ directory from the internet.
Is it possible to configure sshfs to only accept logins from a user restricted to reading the /data/music directory, or would it be possible to tunnel nfs over ssh in such a way that everyone on the lan 192.168.0.xxx has unrestricted access to the data directory, but something coming from outside only has read access to the music directory. Although is one were tunneling nfs over ssh, the nfs mount request would appear to come from the server itself. The router is at 192.168.0.1 and the server is at 192.168.0.3.This Seems very much like what I want to do, however I'm having a bit of trouble getting this to work well with other users mounting with full rights over the lan too.
View 5 Replies
View Related
Apr 4, 2011
Basically, whenever I am on an unencrypted wireless hotspot, I open up an SSH tunnel to my home server to do all my browsing for the privacy and security it provides.But I got to thinking, and now I am curious, if I am visiting a site like gmail for instance that always uses SSL/TLS for it's connections, is there any added benefit to also using an encrypted tunnel? or is it perhaps superfluous to use both
View 3 Replies
View Related
Mar 28, 2011
I recently installed the pptpd server on my system and set it up according to these instructions:HTML Code[URL]t=132029However after setting everything up on attempting to connect to it from a windows machine (windows 7 home premium to be specific) it gives me two errors which are 720 and 800...It reaches "registering your computer on the network" fine and then gives 720 on the first attempt to connect and then 800 on the second attempt to connect...and then on the third 720 and 4th 800 and so on..My system running the server's I.P is 192.168.1.70My system running the windows OS trying to connects I.P is: 192.168.1.66
View 2 Replies
View Related
May 10, 2010
i found this video, and i really want to do the same. *newbie needs to learn [URL]...my question is, what need to be installed and how?
is there any specific configuration to make it works?
and will it work if i want to connect from Ubuntu to Fedora ?
View 1 Replies
View Related
Apr 1, 2011
I'm curious if anybody can shed some light for me in this department. We're in a large environment with a Windows DHCP Server. We have been tinkering with LTSP on Edubuntu as thin and fat clients. It works great, but right now we just have 1 server handling the lab, which works fine unless we want to expand, which may be very possible.
These are the instructions I received:
Login to your windows server and load the DHCP configuration screen
Create a DHCP reservation for the MAC address you obtained
Add the configuration options below to enable the machine to boot from the LTSP server
017 Root Path: /opt/ltsp/i386
066 Boot Server Host Name: <ip address>
067 Bootfile Name: ltsp/arch/pxelinux.0 # Specify CPU architecture in place of 'arch', for instance 'i386'
From: [url]
I'm curious, what if I want to have multiple Ubuntu servers on the network that I want to have bootable? For example, let's say I have 3 labs, and 3 servers. Server A to Lab A, Server B to Lab B, and Server C to Lab C. I want all C's computers to boot to C, and B to B, A to A, etc.
1 - How would I add multiple entries on the Windows DHCP Server to allow all 3 (A B C) servers to boot?
2 - How would I be able to isolate the clients so ONLY Lab A clients boot to Server A, etc?
View 7 Replies
View Related
May 25, 2011
I am looking for a version of vmware that manages 2 severs at the same time and that mirrors them such that if one goes down we can still work on the second and of course it also works as a backup. Also, must work on a ubuntu server I have looked but there are so many version that I don't know which one is the best.
View 1 Replies
View Related
Mar 4, 2010
(Mods: If you feel this belongs more in the Games or Wine discussion area, please feel free to move. This question does intersect many areas, so was unsure where to put)
I have a funky server Ubuntu 9.10 Enterprise setup where I have X on all the time (using Xfce4 - not Xbuntu) with latest wine so I can run Windows only based game server executables. One of the applications is a simple dedicated racing game server made by the company I work for that works perfect in wine (unfortunately, the full 3D game client does not, so its a windows only game). The other is more just to test, runs Serious Sam HD dedicated with wine with a steam client active in background since SSHD Ded requires a steam client logged in (just create a dummy account).
Im getting some lag issues with the SSHD on the end-users client side. Unsure if its related to it being a more complex game and using wine to translate slowing it down. Things like tiny warps once in awhile, and the ping of clients kinda jumping around.
Im pretty sure my network settings are ok. Maybe not fully optimized for every bit via ipv4. Still though. This 1U Opteron server is in a ISP with a full 1000 up and down. Ports are locked out that aren't being used. I do have apache going, but its nothing strenuous. The CPU isnt used overly so. Maybe peaks out around 60% under strain, but mostly 20-40%. Memory use is about 550-700megs for SSHD itself. Given, it only has 2 gigs total at this time, but I still usually have near a Gig of memory available at most times.
I admit newbness of linux servers in general. Was reading about other game servers like CS:S requiring a ticked kernel near 1000 to get the least amount of lag. Some even saying they dropped the tickless options of the newer 2.6 kernels on purpose because they produced lag. Was checking on the history of newer Windows Server like 2008 and they still use a ticked OS, though a more optimized version.
So this boils down to should I be running a Ticked OS kernel to run a more complex Windows based dedicated server? I haven't tried thus far, well because I am again a bit of a n00b to all this. That and I'm not sure you have to tell wine or the SS:HD dedicated exe itself to run at a full ticked rate (no option I have seen for a command line function in the SS:HD itself).
View 2 Replies
View Related
May 3, 2010
I have Webmin installed on an Ubuntu server. I currently have a successful apache server running on port 80, however I want to create a virtual host on port 81. When I try I go to servers->Apache Webserver-> Create Virtual Host I change the port to 81 and the document root to /var/port81www then I click create. How ever when I goto 192.168.1.5:81 (local ip, I know I have to port forward but its not even working local) it does not work.
View 5 Replies
View Related
