I have two servers connected though ethernet and with public IPs.
ssh from one server to the other with LAN IP : works
sudo ssh from the same server to the other with LAN IP : error connection refused
ssh from the same server to the other with LAN IP : error connection refused
ssh from the same server to the other with public IP : works
sudo ssh from the same server to the other with public IP : error connection refused
ssh from the same server to the other with public IP : error connection refused
How can I restore the ssh access ?
sudo uses the root user on your machine. If you have ssh keys set up for one user, and then use sudo, you're now using the root user's ssh keys instead of the correct ones.
To restore access, you will need to ensure your user has the correct ssh keys set up and then just use ssh without sudo.
I'm trying to establish a remote port forwarding to my Mac (target 4004) via a bastion host and Server-A to a Port (1555) on Server B.
So the whole connection is:
Mac:4004 => Bastion:22 => A:22 => B:1555
And the target is my Mac should have a Port 4004 forwarded from B:1555.
What is working so far?
I can connect to Server A with the command ssh user-bastion#user-A#server-A#server-bastion
On Server A I can establish a connection e.g. telnet to B:1555
On my windows client I can remote forward the port B:1555 to my local machine via Putty.
I'm now looking for the ssh command to establish this connection on my Mac.
Commands I tried:
Of course I have already searched for it and I've already tried different versions.
e.g.
ssh -fNT -R 1555:localhost:4004 -J user-bastion#user-A#server-A#server-bastion server-B
ssh -N user-bastion#user-A#server-A#server-bastion -R server-B:1555:localhost:4004
I always receive message like "Warning: remote port forwarding failed for listen port 1555"
I'm running Vagrant VM on the left window. I created a user name 'student' in my VM but when I try to ssh my user 'student' from my local machine terminal, it gives me error
ssh: connect to host 127.0.0.1 port 2222: Connection refused
127.0.0.1 is the loopback address, which points to your local machine but not the virtual machine.
You should use address 10.0.2.15 listed by ifconfig from your virtual machine.
I have:
-PC with ubuntu 18
-Install and configure ssh for remote access
-Open ssh port in my router
-My IP is dinamic, so I configure Dynamic DNS (www.noip.com).
I have remote access to my PC from another external computer, with domain no-ip and ssh port. No problem.
Now:
-I connect my PC for Tunnel VPN (openvpn) to a VPN server (VPNbook)
-Refresh my no-ip domain with the new public VPN IP.
-But I can't connect for ssh (domain no-ip and ssh port) to my PC...
Why? What am I missing?
Finally I found:
https://unix.stackexchange.com/questions/237460/ssh-into-a-server-which-is-connected-to-a-vpn-service
https://askubuntu.com/questions/893775/cant-ssh-to-server-with-vpn-connection
https://www.linode.com/community/questions/7381/openvpn-client-connected-to-a-server-while-listening-to-ssh
In my PC:
Connect VPN
List item
Execute:
ip rule add from 192.168.0.101 table 128
ip route add table 128 to 192.168.0.0/24 dev enp2s0f0
ip route add table 128 default via 192.168.0.1
Where:
192.168.0.101 -> Internal IP to my PC
192.168.0.0/24 -> subnet, calculate with "subnetcalc"
enp2s0f0 -> it is the name of my net interface
192.168.0.1 -> My default-gateway
Now, i have remote access for ssh.
I set up vagrant to run a vm on a host os. What I would like to do is be able to ssh from other machines directly into the vagrant vm (ie, I shouldn't ssh into the host and then vagrant ssh, etc. into the vagrant vm).
Currently, I can ssh not using vagrant ssh from the host os using ssh vagrant#127.0.0.1 -p 2222. However, if I run the same command (replacing 127.0.0.1 with the host's ip address), I get "ssh connect to host XXXXX port 2222: Connection refused."
I tried adding my own port forwarding rule to vagrant:
config.vm.network :forwarded_port, guest: 22, host: 2222
But that doesn't allow ssh connection from either the host machine or any other machine in the network. Additionally, I spent a while with config.ssh in the vagrant docs. I think that most of those parameters though specify what port the vagrant vm is running ssh on.
I really don't think this should be that difficult. Does anyone know what I might be doing wrong, or what I should do differently to ssh into a vagrant vm from a remote server?
If you don't want to change network to public you can override default port forwarding for ssh by this:
config.vm.network :forwarded_port, guest: 22, host: 2222, host_ip: "0.0.0.0", id: "ssh", auto_correct: true
This will forward guest 22 port to 2222 on your host machine and will be available from any ip, so you can access it outside your local machine.
Since v1.2.3 Vagrant port forwarding by default binds with 127.0.0.1 so only local connections are allowed.
You got "Connection refused" because the port forwarding was NOT binding to your network interfaces (e.g. eth0, wlan0). The port 2222 on your host is NOT even open to hosts in the same network (loopback interfaces not accessible to other hosts).
If you want to SSH directly to the Vagrant VM from a remote host (in the same LAN), the best and easiest way is to use Public Network (VirtualBox's Bridged networking mode).
Add the following to your Vagrantfile and do a vagrant reload.
It should bridge through one of the public network interfaces, you should be able to get the IP address after VM is up, vagrant ssh into it and run ifconfig -a or ip addr to get the IP address to ssh to from remote hosts.
Sample Vagrantfile
<!-- language: lang-rb -->
config.vm.network :public_network # 2nd interface bridged mode
or more advanced, you can set default network interface for public network
<!-- language: lang-rb -->
config.vm.network "public_network", :bridge => 'en1: Wi-Fi (AirPort)'
See more => Public Network
You can also add another rule to Vagrantfile like the following:
config.vm.network :forwarded_port, guest: 1234, host: 22
Connect to Vagrant with the default port (2222) and edit /etc/ssh/sshd_config, then add below Port 22 the port previously configured as 'guest', resulting:
...
Port 22 #Uncomment this line if it's commented
Port 1234
....
Finally, restart the ssh daemon or do vagrant reload (if you edited Vagrantfile while the VM was running you have to reload it) and now you can connect to Vagrant using 'host' port (22 in my case) from outside the host computer.
You can't remove the default port, because Vagrant would hang when starting up.
Use vagrant share --ssh
Vagrant now has a service for registering a Vagrant VM
for remote SSH access automatically.
See here: https://www.vagrantup.com/docs/share/ssh.html
You call vagrant share --ssh.
This generates an SSH key (encrypted and password-protected),
uploads it to a Hashicorp server,
and returns a silly global box name (e.g. "rambunctious-deer-3496").
Then everybody who
has a Hashicorp Atlas account
knows the box name,
knows the password for the key, and
has Vagrant installed(!)
can perform remote SSH to the box via
vagrant connect --ssh BOXNAME.
Vagrant takes care of all the admin stuff behind the scenes (here are some details).
Works as advertised.
I guess this will even work if the Vagrant host (not merely the VM) is behind a NAT.
Limitations:
vagrant share sessions expire (currently after 8 hours)
expect some latency, because all traffic is (presumably)
routed through the Altas server
I have seen my remote connections close (for no obvious reason)
after I had not used them for maybe 15 minutes.