Connection to Redis through SSH tunnel: reset by peer - ssh

My Redis instance is installed and run at VIRTUAL_MACHINE. I connect to VIRTUAL_MACHINE via SSH tunnel through TUNNEL_SERVER to work from my local machine.
Tunnel string is the following:
ssh -L 0.0.0.0:10011:VIRTUAL_MACHINE:22 -L 0.0.0.0:10004:VIRTUAL_MACHINE:6379 -o ExitOnForwardFailure=yes -o ServerAliveInterval=15 -o ServerAliveCountMax=3 username#TUNNEL_SERVER
The issue is I can't connect to Redis instance from the local machine:
redis-cli -h 0.0.0.0 -p 10004
0.0.0.0:10004> ping
Error: Connection reset by peer
telnet 0.0.0.0 10004
Trying 0.0.0.0...
Connected to 0.0.0.0.
Escape character is '^]'.
Connection closed by foreign host.
On the remote machine (VIRTUAL MACHINE):
redis-cli -h localhost -p 6379
localhost:6379> ping
PONG
netstat -an | grep 6379
tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN
redis.conf
bind 127.0.0.1
bind 0.0.0.0
protected-mode no
port 6379
timeout 60
tcp-keepalive 600
daemonize no
Because of Redis, I can't also connect to Flower (Celery).
If you have any idea about possible reasons, please help me to figure it out.
Thanks!

Only just saw this,
Can you SSH to 0.0.0.0:10011 and have access to the VIRTUAL_MACHINE?
Also are your auth creds for the TUNNEL_SERVER the same as for the VIRTUAL_MACHINE?
Forgive me if you already have, but, I would get SSH working to the VIRTUAL_MACHINE first via the TUNNEL_SERVER and then rework that to tunnel REDIS

Related

Vagrant/Redis - Cannot connect from host

Still getting the hang of Vagrant/Redis/Linux. Please help! The issue is I cannot connect to redis server running on VM.
Host: Macbook
Vagrantfile:
config.vm.box = "laravel/homestead"
config.vm.hostname="redis-test"
config.vm.network "forwarded_port", guest: 6379, host: 6379, id: "redis"
Guest: laravel/homestead Vagrant box.
/etc/redis/redis.conf
bind 0.0.0.0
After changing redis.conf, I also restarted the service
sudo /etc/init.d/redis-server restart
(AND also) sudo service redis-server restart
Also made sure ufw is disabled
sudo ufw disable
sudo ufw status
Status: inactive
If I run redis-cli -h redis-test ping, I get pong, and can access redis as usual (on the guest VM)
Now back on the host machine (macbook), I cannot access redis-server.
redis-cli -h redis-test ping
Could not connect to Redis at redis-test:6379: nodename nor servname
provided, or not known
Can someone help me connect to redis-server on vagrant box, please? Any help is greatly appreciated!
You forwarded redis port 6379 from host machine to redis-test VM, but host machine knows nothing about redis-test domain you are trying to connect to.
You can connect redis on redis-test VM from host machine in two ways:
1.
connect to localhost, because redis port is already forwarded to redis on redis-test VM:
redis-cli -h localhost ping
2.
add redis-test to /etc/hosts:
echo '127.0.0.1 redis-test' >> /etc/hosts
and you can connect redis the way you used:
redis-cli -h redis-test ping

How to connect to remote Redis server?

I have URL and PORT of remote Redis server. I am able to write into Redis from Scala. However I want to connect to remote Redis via terminal using redis-server or something similar in order to make several call of hget, get, etc. (I can do it with my locally installed Redis without any problem).
redis-cli -h XXX.XXX.XXX.XXX -p YYYY
xxx.xxx.xxx.xxx is the IP address and yyyy is the port
EXAMPLE from my dev environment
redis-cli -h 10.144.62.3 -p 30000
REDIS CLI COMMANDS
Host, port, password and database By default redis-cli connects to the
server at 127.0.0.1 port 6379. As you can guess, you can easily change
this using command line options. To specify a different host name or
an IP address, use -h. In order to set a different port, use -p.
redis-cli -h redis15.localnet.org -p 6390 ping
There are two ways to connect remote redis server using redis-cli:
1. Using host & port individually as options in command
redis-cli -h host -p port
If your instance is password protected
redis-cli -h host -p port -a password
e.g. if my-web.cache.amazonaws.com is the host url and 6379 is the port
Then this will be the command:
redis-cli -h my-web.cache.amazonaws.com -p 6379
if 92.101.91.8 is the host IP address and 6379 is the port:
redis-cli -h 92.101.91.8 -p 6379
command if the instance is protected with password pass123:
redis-cli -h my-web.cache.amazonaws.com -p 6379 -a pass123
2. Using single uri option in command
redis-cli -u redis://password#host:port
command in a single uri form with username & password
redis-cli -u redis://username:password#host:port
e.g. for the same above host - port configuration command would be
redis-cli -u redis://pass123#my-web.cache.amazonaws.com:6379
command if username is also provided user123
redis-cli -u redis://user123:pass123#my-web.cache.amazonaws.com:6379
This detailed answer was for those who wants to check all options.
For more information check documentation: Redis command line usage
In Case of password also we need to pass one more parameter
redis-cli -h host -p port -a password
One thing that confused me a little bit with this command is that if redis-cli fails to connect using the passed connection string it will still put you in the redis-cli shell, i.e:
redis-cli
Could not connect to Redis at 127.0.0.1:6379: Connection refused
not connected>
You'll then need to exit to get yourself out of the shell. I wasn't paying much attention here and kept passing in new redis-cli commands wondering why the command wasn't using my passed connection string.
if you got Error: Server closed the connection
try with --tls switch:
redis-cli --tls -h my-redis.redis.cache.windows.net -p 6379 -a myRedisPassword
h 👉 hostname
p 👉 port
a 👉 password

Scp through ssh tunnel opened

I want to send files from machineA which has opened a reverse tunnel with a server. The reverse tunnel connects port 22 on machineA with port 2222 on the server:
autossh -M 0 -q -f -N -o "ServerAliveInterval 120" -o "ServerAliveCountMax 1" -R 2222:localhost:22 userserver#server.com
If I do:
scp file userserver#server.com:.
then SCP sends the file with a new login over SSH, in my case using public/private key.
But if I do:
scp -P 2222 file userserver#localhost:.
I get a "connection refused" message. The same happens if I replace 2222 above with the port found with:
netstat | grep ssh | grep ESTABLISHED
How I can send files without opening a new ssh connection (without handshake)?
You can use ControlMaster option in your ssh_config (~/.ssh/config), which will create persistent connection for further ssh/scp/sftp sessions. It is easy as pie:
Host yourhost
Hostname fqdn.tld
Port port_number # if required, but probably yes, if you do port-forwarding
ControlMaster auto
ControlPath ~/.ssh/master-%r#%h
ControlPersist 5m

How do I port forward from a remote server through a jump box

I'm not sure if I'm using the right term of "port forwarding". What I want to do is connect to a local port that to connects to a remote server on a private network.
local --> jump-box --> server
On the server, a webserver is running on port 80
On local I would like to have my browser connect to localhost:8080 and reach the server's port 80.
The jump-box is a standard port 22 ssh server.
Is this possible?
I found the answer:
ssh <user>#<server ip> -o 'ProxyCommand ssh <user>#<jump box> nc <server ip> 22 2>/dev/null' -f -L <local port>:localhost:<server port> -N
for example
ssh jsmith#web.local -o 'ProxyCommand ssh jsmith#gateway.example.com nc web.local 22 2>/dev/null' -f -L 8080:localhost:80 -N

How can I use local redis client to connect to socket

I know if I do redis-cli -h {ip_address} -p {port} I can connect to a specific port/ip but I've set my instance to not listen to any tcp/ip ports instead it listens to local socket.
How can I establish a socket connection with the redis client?
You can connect from redis-cli or redis-benchmark simply by using the -s option and providing the path of your unix domain socket.
For instance:
redis-cli -s /tmp/redis.sock
redis-benchmark -q -n 10000 -s /tmp/redis.sock