I need to allow connection to some users on a servers with key authentication so that they can setup a tunnel to access a web application. But I don't wan't them to have a access to a shell.
View 5 RepliesI have a machine called ic that I can ssh to. There is another machine, fw, that is on a completely different VLAN, and I cannot talk to it. ic is on both my VLAN and the VLAN that fw uses, and so my usual procedure for sshing to fw is to ssh into ic and from there ssh into fw. If I wanted to script this action, however, how could I get it to work?
I tried ssh root@ic "ssh root@fw", but this results in the message Pseudo-terminal will not be allocated because stdin is not a terminal, and then I get three messages from fw, presumably because it has null input:
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password).
I have a local computer (local), and remote computer (remote) behind of remote server (server). Also, I have user access to all of these 3 machines. Now, I want mount some directory, located at remote, to my local mount-point via sshfs. How should I setup my local sshfs and what should be done on server to make this mounting?
I'm stuck with ssh tunneling because the default method for tunneling requires root access while WinSCP somehow could do this with only user access (the tunnel server could be configured there in 'tunnel' panel).
I currently have SSH set up on my network and facing outwards so that I can use my private key to authenticate and remotely administrate my server along with the ability to use SSH tunnels when needed to encrypt my traffic. However, I want to be able to give a friend access and use my server as a SSH tunnel, I do not want him to be able to execute any commands or write any files, just to create an SSH tunnel. Although it would not be too much of a large issue if he could write to his own home directory, I just want to ensure that he isn't able to browse around the whole file system and keep it as simple as possible.
View 9 Replies View RelatedI'm having trouble ssh tunneling through two servers to get to my database. Server3 is restricted to all except from server2 and I'm at server1. So on server2 i do ssh -L1434:server2:1435 -l user server2 - this works i'm able to connect to the db on server3 from server2. But on server3 i'm trying to ssh -L1433:server2:1434 -l user server2
- and I get 'connection refused'. I tried telnet server2 1434 from server3 and i get 'connnection refused'. I checked the firewall is open on server 2 - firestarter confirms that port 1434 is open to everyone. I'm not sure what I'm doing wrong, but I have a hunch that maybe firestarter on server2 is not working correctly, because it also shows that port 22 is open to everyone and I can telnet server2 22 and I'm able to connect.
I recently installed the pptpd server on my system and set it up according to these instructions:HTML Code[URL]t=132029However after setting everything up on attempting to connect to it from a windows machine (windows 7 home premium to be specific) it gives me two errors which are 720 and 800...It reaches "registering your computer on the network" fine and then gives 720 on the first attempt to connect and then 800 on the second attempt to connect...and then on the third 720 and 4th 800 and so on..My system running the server's I.P is 192.168.1.70My system running the windows OS trying to connects I.P is: 192.168.1.66
View 2 Replies View RelatedI am running an Ubuntu Server on a VirtualBox VM running on my windows machine. So I've created a self-signed certificate using the following tutorial: [URL]
From this tutorial I'm left with 3 files:
server.key
server.csr
server.crt
Then I found this very similar tutorial that has an extra bit on installing the certificates in apache: [URL] So I followed it's instructions which boil down to this:
[Code]...
So I'm thinking this should work now. However in Chrome I get: SSL connection error Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have. Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error. IE8 gives me a typical "Internet Explorer cannot display the webpage" Note that [URL] fails while [URL] works fine, so it's definitely something in my ssl setup I'm thinking.
I tried to configure my vpn connection using pptp from the shell following following tutorial: [URL] now, if i use Code: pppd call novax to connect to my vpn i see following appearing in /var/log/messages:
Code:
Feb 10 21:11:57 reg-laptop pppd[2655]: pppd 2.4.5 started by root, uid 0
Feb 10 21:11:57 reg-laptop pppd[2655]: Using interface ppp0
Feb 10 21:11:57 reg-laptop pppd[2655]: Connect: ppp0 <--> /dev/pts/0
Feb 10 21:11:58 reg-laptop pppd[2655]: CHAP authentication succeeded
Feb 10 21:11:59 reg-laptop pppd[2655]: MPPE 128-bit stateless compression enabled
Feb 10 21:12:00 reg-laptop pppd[2655]: local IP address 10.243.249.22
Feb 10 21:12:00 reg-laptop pppd[2655]: remote IP address 10.243.249.20
verifying with ifconfig, my ppp0 ip is correctly set to 10.243.249.22 - i can also ping this ip but i tried to ping other ips in our network and i can't reach any of them - did i mess up the route maybe? Content of my /etc/ppp/ip-up.d/route-traffic:
[Code]...
I tend to not use webmin, but there's just some things I dont want to deal with via command line. I know that having Webmin require an SSH tunnel is possible, but i'm not sure how to approach it.
View 1 Replies View RelatedI'm writing a shell script that does multiple scp's and ssh'es to the same host. I would like to know if there is a way to write the script such that in the beginning an ssh connection is established. Then scp transfers files over the already open ssh connection. After which, terminal commands are executed on the host. A final scp transfers files again over the ssh connection. Then the ssh connection is terminated.The whole point is *not* to have:
#!/bin/sh
scp the_file host
ssh host 'execute-some-command.sh'
[code]...
I want to be able to SSH into my computer that I can't expose port 22 on. I've tried the ssh -R ... several times, but can't manage to make it work.I have my home computer (want to SSH into), server (can SSH into), and some computer I want to SSH from.Do I need to install the sshd on the machine I want to SSH into? What are the commands I need to enter to forward from my server to my home computer?
View 1 Replies View RelatedI am trying to tunnel through my college's free AP so I can get access to protocols outside of http and https. The school has an in-browser DNS redirect until you log in.The output of "cat /proc/version" on the server OS is "Linux version 2.6.35-27-generic (buildd@palmer) (gcc version 4.4.5 (Ubuntu/Linar o 4.4.4-14ubuntu5) ) #48-Ubuntu SMP Tue Feb 22 20:25:29 UTC 2011" The client OS is Windows 7. What I have done so far is use Proxy Cap to redirect applications to a Putty tunnel connected to the server. Eventually I want to tunnel that SSH connection through my school's firewall, so that I can keep encryption and have a reasonable amount of ease with setup.
I am not particularly educated on the inner workings of the DNS redirecting so I was not sure what to search for. My attempts to connect Firefox over normal http proxies failed and since all ports are blocked besides http and https I didn't attempt any socks or SSH. I have also tried simply hosting the SSH server on http ports with little success. I hope that I can do this without having to purchase a domain, but that's starting to seem like that won't be the case.
I'm creating script to connect to mysql and perform function. I'm into process in querying mysql from shell. Here is the content of a sample script:
Code:
#!/bin/bash
USER=scripter
PASS=test123
DB=test_scripts
I am currently setting up a old box to serve as a general, quality router/fileserver that should give me fine control over my network traffic. This router will serve as the bridge between several local users and the Internet, along with quite a few machines.Traffic is expected to be heavy, in the sense of multiple powerusers using the Internet to the fullest, not from one machine doing anything insane like Torrenting. The connection profile will reflects lots of up and down, not necessarily a huge number of persistent connections.Due to security concerns, the need to build an encrypted tunnel between a SoHo LAN and a dedicated server is unescapable. I'm trying to determine whether I can pull this off with a simple SSH tunnel on the box serving as the local router, or if a VPN (either PPTP or L2TP) is a more appropriate solution.Proxying won't work, because not all apps can easily be socksified across the Windows, GNU/Linux, and OSX platforms that the users will need. For this reason, I have to pull this off strictly at the router level.
I'm not all that familiar with the specific details of each protocol's performance as far as their latency, efficiency, overhead, and fault-tolerance are concerned. I'm less concerned with a protocol taking up CPU as I am with useless bytes and latency it might be introducing to the link. I don't know the low-level nitty gritty of how each protocol encapsulates its traffic.If there is an existing package for this, it would be great, but at this point I'm simply trying to figure out which protocol is more appropriate before I begin digging in the wrong direction. The biggest concern, of course, is that the chosen protocol aggressively re-establish sessions should the connection suddenly drop, which will be a concern given the SoHo line I'll have to work with. The actual outbound server is no concern, as it has four cores and a Gbps line.
I am useing bshellz and i want to know how do i setup ssh tunneling in firefox when i am surfing the web.I newbie when it come to ssh tunneling.
View 3 Replies View RelatedIn windows if I want to do split tunneling, I just uncheck the Use as Default Gateway Box as seen here URL...In Ubuntu, I went to my VPN connection, IPv4 settings, routes..., checked "Use this connection only for resources on its network".And I could no longer ssh into machines on campus.
View 1 Replies View RelatedI want to tunnel X apps to windows with PuTTY. I have the following in my sshd_config:
Code:
X11Forwarding yes
X11DisplayOffset 10
[code]....
I am a linux beginner and dont know that much about networks! I have access to a linux VM. The machine is remote and i access via putty. If i can access this machine via SSH and putty, is there any reason why i should not be able to use ssh tunnelling to connect to a vnc server?
I don't know the details of the server and what firewall is set up but i believe that tunnelling uses port forwarding over the ssh connection that is already set up. Where does the port forwarding actually occur? At the actual linux VM or on the router the VM is connected to?
I have created the following script
Code:
#!/bin/sh
interface=`ifconfig | grep -iE "(wlan0|gprs0)" | awk '{print $1}'`
[code]...
I am trying to setup a version of OzymanDNS but am not quite sure I am understanding part of the instructions found here.My domain/website is hosted with a web hosting company, using their name servers. I have added a sub domain [URL], using an A record to send any requests for [URL] to my home IP address, where I have a server running. Do I need to also add the code below to my server at home which has BIND installed or are the instructions expecting that I have full control of the main name server already?
Code:
tunnel.example.com. IN NS www.example.com.
www.example.com. IN A 123.123.123.123
I am attempting to set up a VNC with ssh tunneling for remote desktop between my laptop (opensuse 11.2) and my desktop (kubuntu karmic) and using the instructions here: [URL] and here: [URL] but I am having trouble getting remote desktop to work once I establish the ssh tunnel
I start out with
Code:
ssh <user@remotepc> -p <non22port> -L 5900:localhost:5900
That seems to wok and connect properly
The problem comes when I try to use a remote desktop client on the laptop to initiate the VPN desktop sharing and point it to
Code:
localhost:5900
Thats when I get a notification on the host saying:
Code:
Refused uninvited connection attempt from 127.0.0.1
And on the laptop I get:
Code:
VNC server closed connection
I have tried messing with the few settings in Krfb, but none seem to have any impact. How do I open localhost:5900 and allow VPN tunneling to the host machine?
Im trying to open a shell to the command line from owithin KDE on Ubuntu Server 9.1
View 2 Replies View RelatedI am on Linux on machine LOCAL (my notebook).I ssh into a company machine REMOTE which is behind a firewall and ONLY allows incoming ssh connections (port 22), no outbound connections whatsoever. I do have full root access on both, LOCAL and REMOTE, REMOTE is however a VPS and behind a hardware firewall.I now need network access on REMOTE (HTTP and other protocols) for downloading and building some software. I also need to access to NON HTTP protocols such as git.
I was hoping to set up a reverse SSH tunnel for using my LOCAL machine, where I could be running a socks server. So that network access on REMOTE would be redirected over the SSH tunnel to a socks server running on machine LOCAL.How would I go about setting something like this up?
There is an udp video stream accessible only on the local network, but I need to access it outside of the network. I have Linux machine (multiple actually) with root access.There is a small utility that makes the stream accessible on the local machine on port 1234.
./ping -h streamserver -p 1234
If I run it I can access the stream using vlc or mplayer.
mplayer udp://@:1234
vlc udp://@:1234
Now, I'm trying to create a port foward from my remote machine and access the port, but it is failing.
ssh me@machine -L 1234:127.0.0.1:1234
I have been ssh tunneling, which works great.I can browse the internet by simply tunneling my traffic through my SSH server.the following command: ssh -ND 9999 username at myserver.i cant postlinks.is all I have type, and I can connect to a SOCKS proxy server on localhost:9999.My problem is that I have an application that only supports HTTP proxies.Is there any way I can get it tunneling over the socks proxy?
View 4 Replies View RelatedI bought a mlb.tv to watch baseball game online and they have blackout for local teams. I try to use proxy sock to bypass the blackout, but for some reason they know my location because I'm getting blackout. I check to see if they were just checking for proxies and I went and I try to watch other games not in my area and I was able to watch it. I use this command on the ssh client "ssh -D 9090 user@domain.com" and I change the setting on my network. I do a ip lookup and the ip address is from the server location. I dont want you guys to tell how to bypass, I just want to understand how they know my location.
View 1 Replies View RelatedI needed Ubuntu server and recklessly picked Karmic. Hardware is some regular 775 mobo with integrated Intel graphics. Monitor is ASUS VH222D. Installation went smoothly but after that problems occurred. Shell is displayed in 1920x1080 resolution and fonts are so small almost unreadable. Grub2 looks OK, standard non-fb and so does few rows of text after loading grub but soon after that framebuffer becomes active.
dpkg-reconfigure console-setup doesn't mention resolution. Some articles are leading to grub2 gfxmode but none of manuals helped. I just cannot change grub2 menu resolution to anything else than standard console fonts (non-fb). Kernel option vga=XXX is no longer working.How to lower shell resolution? Why is this automatic???
I have a question about using bourne for a shell script. I have a script that at the moment performs a logical dump of my database, backups up the physical files of the database, and backs up everything within /var/www
I want to be able to copy the files over ssh to a remote server. However, the only way I am able to find examples of doing this is when you exchange keys and do not need to provide a password. How can you write a script that requires a password, not key exchange? I was told I specifically have to do it this way.
The short version: I have to manage some virtual machines using php shell_exec function, so far I cant do this because apache is run by the user www-data and virtualbox by the user vboxuserFrom what I've read so far, I've thought of 3 possible solutions: 1.- Create a script on my vboxuser that I can call from php to manage the Virtual Machines.2.- Change the apache user from www-data to vboxuser so I can manage the Virtual Machines through php
3.- Reinstall VirtualBox, this time using www-data as my user. I'm not sure if any of these will work and I'm not too sure of which would be the best solutionNow the longer more detailed version:
I have a remote server running Ubuntu 10.04.2, in that server I have set up VirtualBox so I can run several instances of WinXP to perform different tasks. Everything is setup and I can manage the virtual machines through SSH. If I want to run them as a different user than the one that created them (a user that so far only has been used to create the Virtual Machines) I have to do sudo -u vboxuser.Now, I need to create a PHP script to manage these virtual machines (I know about phpVirtualBox, but it's not what I need). If I try to run the virtual machines using shell_exec() from php, I get no answer at all (And I have tested that shell_exec is working on my server).
I am trying to use the ssh reverse tunneling through the command
Code:
ssh -l login -p port <ip address> -R <remote port>:<local Ip>:<local port>
In order to enable some one in the remote host to connect my machine. through the command
Code:
ssh 127.0.0.1:<remote port>
However when I try to execute the first ssh command above I got the warnning
Code:
Warinning: remote port forwarding failed for listen port <remote port>
The problem always happens when the remote host I have tried to connect is my Fedora 14 machine. I can do that when using an Ubuntu as the remote host.