I need to connect via REMOTE-SSH in Visual Studio Code to a machine with ssh but from a specific machine in which I have previously connected through ssh to.
I can connect to the first machine with no problem, the problem is when I am logged in the first machine and I try to connect to the second it doesn't let me. I have been looking but what I can only find is examples showing how to connect only to one machine without passing through an other one.
Thanks to a partner, I have found a solution and it consists in changing a little bit the config file from ssh
As I am using VS Code in Windows and I wanted not to use netcat I've implemented the next command to create a proxy:
Host <target-machine-name>
HostName <target-machine-ip>
User <user>
ProxyCommand C:\Windows\System32\OpenSSH\ssh.exe -q -x <proxy-machine-name> -W %h:22
Hope it can help someone else with the same issue.
If you are using macOS and want to ssh to machine 1.1.1.1:2222 under socks proxy(127.0.0.1:1080), then you can use the below configuration:
Host 1.1.1.1
HostName 1.1.1.1
ProxyCommand nc -X 5 -x 127.0.0.1:1080 %h %p
Port 2222
User YourName
If you are using http proxy or using Windows(Linux), go to check Connect with SSH through a proxy . Then replace the corresponding ProxyCommand.
Hope this could help you.
Related
Im experiencing a problem replicate my putty ssh tunneling with Cmder bash (on windows machine).
1. I want to access web interface on port 7183 on server_2. To get there I have to go through jump_server first and and tunnel twice, as from the jump_server, only visible port is 22.
Steps with putty:
1. connect to jump_server with tunnel (L22 server_2:22) using username_1
2. connect to localhost with tunnel (L7183 localhost:7183) using username_2
After that, Im able to access the web interface when I type localhost:7183 into browser on my local machine.
Now Im trying to reproduce this in Cmder, but I havent been able to do that with one big command, nor 2 separate commands:
ssh -L 7183:localhost:7183 username_1#jump_server ssh -L 22:localhost:22 -N username_2#server_2 -vvv
This is only the last command I used as I tried interchanging ports and hosts without success.
2. Is the syntax different when I want to open port 12345 on my local machine and have it forwarded to port 21050 on server_2 or that would be remote tunneling?
Finally managed to achieve the 1. question with:
ssh username_1#jump_server -L 22:server_2:22 -N -vvv
ssh -L 7183:localhost:7183 username_2#localhost
Now Im albe to access the web interface from server_2 on my localhost:7183
Here's the thing. I'd like to access a remote host by ssh, and make a tunnel as a proxy. I did it on my windows computer with Putty. In putty, there is a "tunnels" options, add a dynamic tunnel would do the trick. That is, a (dynamic, that is in the putty's option, I don't really know what it means)tunnel at port 1111, and then I can access the internet though socks5 proxy 127.0.0.1:1111.
But now I want to make the tunnel on my openwrt router, 192.168.1.1, and access the proxy as 192.168.1.1:1111. I want to know how. There are two major question:
1.the proper command of ctl ssh to make a tunnel just as the putty did. I googled a few, but because of the 2nd question, I never know which one is correct.
2.how can I access the tunnel on the router though 192.168.1.1:1111. As I tried before with ss_local(another proxy program), I established a socks locally but it can never be accessed by my another LAN host. Are there some firewall things to do?
Does anyone know the answers? Thank you!
This is what I did to access remotely to my AP.
I used a SSH Reverse Tunnel to a remote server. Here I dump a simple script to achieve it.
key_ssh=/root/.ssh/id_rsa
user=root
ip='YOUR_SERVER_IP'
port='THE_PORT_YOU_WANT_TO_CONNECT_THROUGH'
#connect ssh
ssh -f -N -i $key_ssh -R 0.0.0.0:$port:localhost:22 $user#$ip
And in your remote server you type:
sudo su
ssh -p THE_PORT_YOU_WANT_TO_CONNECT_THROUGH localhost
You will be asked for the root password, type it and you're in.
I have installed cygwin in windows 7 but i get the following error
$ ssh localhost
ssh: connect to host localhost port 22: Connection refused
I faced the same problem but I ran this on the CYGWIN command line and it worked :
~ : net start sshd
After that I executed the command ssh -v localhost and the error message didn't show up. Hope that this helps !.
If you are facing this problem in Windows XP follow these steps to open port for ssh:
Go to windows firewall of security section in control panel
Exceptions->add port
Give port name as ssh and number as 22.
Select option TCP
Click on Ok
This will help you open ssh from cygwin
For local application development like hadoop on windows please change the scope localhost /ip address in the custom list.
You can try to use port 23 or ask your host provider for the ssh port. Some host providers change the ssh port.
ssh user#yoursite.com -p 23
Cygwin doesn't install an SSH server by default, although you can set up sshd if you want. By default, however, there's nothing to ssh to.
Follow the steps in this link and then do a
$~ net start sshd
$~ ssh localhost
Is there a trick to running Fabric over a reverse SSH tunnel? An interactive ssh connects fine back over the turnnel, but running fab, I just get asked for my password repeatedly.
Here is a snippet with a solution
https://gist.github.com/856179
Just copy, paste and use
Here's a solution that doesn't involve writing any extra Python code:
If you set up your SSH configuration to tunnel over a SOCKS proxy, you can tell Fabric to use the SSH configuration. It's sweet.
Example $HOME/.ssh/config file:
Host bastion
HostName bastion.yourdomain.com
DynamicForward 0.0.0.0:1080
ServerAliveInterval 120
ServerAliveCountMax 30
Host hostbehindthebastion.yourdomain.com
ProxyCommand /usr/bin/nc -x 127.0.0.1:1080 %h %p
Now tell Fabric to use the configuration:
env.use_ssh_config = True
env.hosts = [
"user#hostbehindthebastion.yourdomain.com",
]
Now ssh bastion in one window, then run fab from another window.
See the official Fabric documentation for more information.
NB. You will have to have nc (netcat) installed on your machine to use this solution.
I need to do some work on a server to which I don't have direct access to. I do have access to my company network (via vpn). If I were on that network, I could access the server directly. But, for some reason when I'm on the vpn, I can't access the server directly.
So, I need to ssh into an intermediary ubuntu box, and then create an ssh tunnel from that box to the server.
Then, I can do my work on my laptop and send it through a local tunnel that points to a foreign tunnel (on my ubuntu box) that goes to the server.
But I don't know how to do a tunnel that creates another tunnel to a third server.
Any ideas?
Thanks,
Scott
What are you trying to achieve? If you just want to get to a shell on the server then ssh into the Ubuntu box and then ssh from there to the server.
If you want to access some other network resource on the server then you want to forward a port from the server (where you can't get to it) to the Ubuntu box (where you can). Take a look at the -L option in ssh.
Edit:
Copying files to the server:
tar c path/* | ssh ubuntuName 'ssh serverName "tar x"'
Copying stuff back:
ssh ubuntuName 'ssh serverName "tar c path/*"' | tar x
Obviously you need to change ubuntuName, serverName and path/* to what you want. To use rsync you need the -E option and the same trick of wrapping one ssh command inside another. After reading your comment I'd say that the most general answer to your question is that the trick is making ssh execute a command on the target machine. You do this by specifying the command as an argument after the machine name. If you use ssh as the target command for ssh to execute then you get the two-hop behaviour that you are looking for. Then it is just a matter of playing with quotes until everything is escaped correctly.
It's just a double port forward. Forward the ports from the PC to the ubuntu box, then on the ubuntu box forward those destination ports to the final endpoint. It's been a while since I've done command line ssh (been trapped in windows hell :)), so I can't give the command line you need. Another possibility is to use the SOCKS proxy ability built into SSH.
To connect from your local machine over a second machine to a specific port on the third machine you can use the ssh -N -L option:
ssh -N second_machine -L 8080:third_machine:8082
This maps the Port 8082 on the third machine to port 8080 on the local machine (eg. http://localhost:8080/ ).