I need to reach an ftp host that has whitelisted some ip addresses. In order to access the host via these whitelisted ips I need to jump through HOST B that is not publicly accessible. I need to jump through HOST B via HOST A that is publicly accessible.
I want to use an ftp client locally to access the ip-restricted ftp host. How can I do this via combination of ssh config file and ssh commands ?
I tinkered but was unable to get anything sensible.
Related
I have local computer and remote server. Remote server is isolated and is only accessible with this computer. I want to connect to site from server, let it be https://example.com/site
I tried to make a tunnel via ssh -R 6761:example.com:80 remote-server. But when I am trying to use wget http://localhost:6761/site on the remote server - it doesn't work and show 404 whilst wget http://example.com/site working well on local computer.
What I am doing wrong?
You cannot tunnel HTTP that way.
The name of the server you are trying to reach will be included in the request (the Host header), but it will most likely only listen to example.com, not localhost.
You will need to set up a HTTP Proxy (Forward Proxy) on your local machine and tell your http client(s) to use that. (How depends on the client.)
If I ssh into host3.example.com 192.168.1.1, where host2.example.com also resolves to 192.168.1.1, is there any way for the remote machine to tell which hostname was used for the connection?
i.e. Does the ssh protocol send the remote name to the remote machine, like SNI in HTTPS?
(I am running an ssh server from within an application, so I am free to modify the ssh server to provide this information, if ssh clients provide it.)
As far as I know, there is no protocol extension like SNI for SSH. The DNS name (of the server) is not passed to the server by the client. See also this discussion.
I want to access a remote folder on a server B that is accessible only via a server A. I have accounts on both machines.
To access a terminal on B i would first connect to A via ssh, and then hop to B.
To use a port on B I would do the same, establishing a port mapping via ssh tunneling.
But what can I do to access a folder on B from a graphical file manager, like dolphin, using a protocol like fish? How can I establish the intermmediate connection?
I have tried the indirect way of creating a tunnel from localhost:port to the intermmediate machine, and from there to the target machine, and connect to fish://localhost:port on the file manager, but keep getting connection refused.
You can do that using standard sshfs if you configure the intermediate machine as a proxy in your client configuration (default location is ~/.ssh/config):
Host <remote>
ProxyCommand ssh -W %h:%p proxy
Host proxy
Hostname <real-proxy>
where <remote> is the hostname / IP address of the remote machine (%h will be replaced by it later). <real-proxy> is the hostname / IP address of the intermediate machine.
Then you can mount your remote filesystem locally and access it using whatever graphical file manager you like:
sshfs <remote>:/remote/path /mnt/mountpoint
Let's say I have a digital ocean droplet - 68.456.72.184
When ssh-ing into my remote server, I'd rather not have to type out the whole ssh command -
ssh 68.456.72.184
The host's name is Stormtrooper - how do I make it so that client machines can ssh into the server via
ssh Stormtrooper
I imagine this requires some sort of configuration on the local client machine that's connecting? In what order does does a client machine search for host names? I imagine there's some local setting where it looks for "Stormtrooper"'s IP address, and if not found it it looks in the local network, and then looks in the "global" network (i.e. public DNS).
I'm not quite sure how that lookup process works, so an explanation there would be great as well.
You can create local ssh_config in ~/.ssh/config with a content:
Host Stormtrooper
Hostname 68.456.72.184
And then you can ssh to that server using ssh Stormtrooper (even tab completion will work for you).
Connecting using FQDN will work too if you have correctly set up DNS. If you have a domain Stormtrooper.tld pointing to this IP, you are able to ssh using
ssh Stormtrooper.tld
For local network resolving, you would need local DNS, which would do this translation for you.
I'm trying to set up a ssh tunnel using putty so i can view websites which are at my work location. The remote development server (apache) does not accept any incoming calls on port 80, so i'm trying to tunnel through ssh which should work since i'm able to login to my shell account.
I'm using putty 0.60, In my settings ive added a new rule at connection -> tunnels
Ive added source port 80, Destination: remote.domain:80, i tried setting the radio buttons to local, remote, dynamic and the 2nd line to auto, still doesnt seem to work.
Do i need to add something to my windows host file to make apache accept the request?
Any idea's?
Destination should be localhost:80. This is where the remote port is forwarded to.
Then in your hosts file reroute remote.domain to 127.0.0.1.
That should give you access.