Im experiencing a problem replicate my putty ssh tunneling with Cmder bash (on windows machine).
1. I want to access web interface on port 7183 on server_2. To get there I have to go through jump_server first and and tunnel twice, as from the jump_server, only visible port is 22.
Steps with putty:
1. connect to jump_server with tunnel (L22 server_2:22) using username_1
2. connect to localhost with tunnel (L7183 localhost:7183) using username_2
After that, Im able to access the web interface when I type localhost:7183 into browser on my local machine.
Now Im trying to reproduce this in Cmder, but I havent been able to do that with one big command, nor 2 separate commands:
ssh -L 7183:localhost:7183 username_1#jump_server ssh -L 22:localhost:22 -N username_2#server_2 -vvv
This is only the last command I used as I tried interchanging ports and hosts without success.
2. Is the syntax different when I want to open port 12345 on my local machine and have it forwarded to port 21050 on server_2 or that would be remote tunneling?
Finally managed to achieve the 1. question with:
ssh username_1#jump_server -L 22:server_2:22 -N -vvv
ssh -L 7183:localhost:7183 username_2#localhost
Now Im albe to access the web interface from server_2 on my localhost:7183
Related
I have a bizarre problem with my SSH connection. I am trying to connect to Ubuntu server from Windows client (local network, Bitvise SSH client).
jupyter notebook --no-browser --port=8885
Everything launches as normal. I then go to my client
ssh -p 2222 -N -f -L 8800:localhost:8885 user#server
Everything seems normal and I get in. I then go my browser and try localhost:8800 and localhost:8885. Neither responds. Any tips would be appreciated. Many thanks.
Here's the thing. I'd like to access a remote host by ssh, and make a tunnel as a proxy. I did it on my windows computer with Putty. In putty, there is a "tunnels" options, add a dynamic tunnel would do the trick. That is, a (dynamic, that is in the putty's option, I don't really know what it means)tunnel at port 1111, and then I can access the internet though socks5 proxy 127.0.0.1:1111.
But now I want to make the tunnel on my openwrt router, 192.168.1.1, and access the proxy as 192.168.1.1:1111. I want to know how. There are two major question:
1.the proper command of ctl ssh to make a tunnel just as the putty did. I googled a few, but because of the 2nd question, I never know which one is correct.
2.how can I access the tunnel on the router though 192.168.1.1:1111. As I tried before with ss_local(another proxy program), I established a socks locally but it can never be accessed by my another LAN host. Are there some firewall things to do?
Does anyone know the answers? Thank you!
This is what I did to access remotely to my AP.
I used a SSH Reverse Tunnel to a remote server. Here I dump a simple script to achieve it.
key_ssh=/root/.ssh/id_rsa
user=root
ip='YOUR_SERVER_IP'
port='THE_PORT_YOU_WANT_TO_CONNECT_THROUGH'
#connect ssh
ssh -f -N -i $key_ssh -R 0.0.0.0:$port:localhost:22 $user#$ip
And in your remote server you type:
sudo su
ssh -p THE_PORT_YOU_WANT_TO_CONNECT_THROUGH localhost
You will be asked for the root password, type it and you're in.
I've long seeked a solution to tunnel to a machine behind a firewall, passing VNC (or other ports) through. Like explained in this old usenet post, which I'll recap here:
I have to log through an intermediate machine, something like:
local $ ssh interim
interim $ ssh remote
remote $ ...any commands...
This works fine. But now I am trying to tunnel a vnc session from remote to local and I can't find the magic incantation, using either one or two steps.
I recently found a wonderfully simple and adaptable solution: simply tunnel the ssh to the target system through the connection to the firewall. Like such:
local $ ssh -L 2222:remote:22 interim
interim $ ...no need to do anything here...
In another local console you connect to localhost on port 2222, which is actually your remote destination:
local $ ssh -C -p 2222 -L 5900:localhost:5900 localhost
remote $ ...possibly start you VNC server here...
In yet another local console:
local $ xtightvncviewer :0
It's that simple. You can add any port forwarding you want to the 2nd command (-L localport:localhost:remoteport) just like if there wasn't any intermediate firewall. For instance for RDP: -L 3389:localhost:3389
I'm trying to open an ipython-notebook (which is running on a server) on a macbook from a remote location through an ssh tunnel but no data received.
This is the command for the SSH tunnel
ssh -L 5558:localhost:5558 -N -t -x user#remote-host
and this is the command I used to lunch the notebook form the server
ipython notebook --pylab=inline --port=5558 --ip=* --no-browser --notebook-dir notebooks
Than I tried to open it on a new tab with this remote-host:5558 but no data received.
Thanks in advance!
The directive -L AAAA:somehost:BBBB will cause SSH to listen on port AAAA on localhost (the machine the ssh command is run on) and forward any connection to that port, over the SSH session, to the host somehost port BBBB. So, you need to open http://localhost:5558/ in the browser on the machine you run the ssh command on.
Read this: How do I add a kernel on a remote machine in IPython (Jupyter) Notebook?
Remote jupyter kernel/kernels administration utility (the rk) here: https://github.com/korniichuk/rk
I need to do some work on a server to which I don't have direct access to. I do have access to my company network (via vpn). If I were on that network, I could access the server directly. But, for some reason when I'm on the vpn, I can't access the server directly.
So, I need to ssh into an intermediary ubuntu box, and then create an ssh tunnel from that box to the server.
Then, I can do my work on my laptop and send it through a local tunnel that points to a foreign tunnel (on my ubuntu box) that goes to the server.
But I don't know how to do a tunnel that creates another tunnel to a third server.
Any ideas?
Thanks,
Scott
What are you trying to achieve? If you just want to get to a shell on the server then ssh into the Ubuntu box and then ssh from there to the server.
If you want to access some other network resource on the server then you want to forward a port from the server (where you can't get to it) to the Ubuntu box (where you can). Take a look at the -L option in ssh.
Edit:
Copying files to the server:
tar c path/* | ssh ubuntuName 'ssh serverName "tar x"'
Copying stuff back:
ssh ubuntuName 'ssh serverName "tar c path/*"' | tar x
Obviously you need to change ubuntuName, serverName and path/* to what you want. To use rsync you need the -E option and the same trick of wrapping one ssh command inside another. After reading your comment I'd say that the most general answer to your question is that the trick is making ssh execute a command on the target machine. You do this by specifying the command as an argument after the machine name. If you use ssh as the target command for ssh to execute then you get the two-hop behaviour that you are looking for. Then it is just a matter of playing with quotes until everything is escaped correctly.
It's just a double port forward. Forward the ports from the PC to the ubuntu box, then on the ubuntu box forward those destination ports to the final endpoint. It's been a while since I've done command line ssh (been trapped in windows hell :)), so I can't give the command line you need. Another possibility is to use the SOCKS proxy ability built into SSH.
To connect from your local machine over a second machine to a specific port on the third machine you can use the ssh -N -L option:
ssh -N second_machine -L 8080:third_machine:8082
This maps the Port 8082 on the third machine to port 8080 on the local machine (eg. http://localhost:8080/ ).