I want to expose my system for accessing via ssh.
After running this ./ngrok tcp 12345, I see:
Forwarding tcp://0.tcp.ngrok.io:15909 -> localhost:12345
In my ~/.ssh/config, I add the following lines, as I have a proxy in my workplace:
Host ngrok
Hostname 0.tcp.ngrok.io
ProxyCommand corkscrew 172.16.2.30 8080 %h %p
To test, I am trying to access my own system from my own system (another shell) via ngrok. Then finally when I access using
ssh -p 15909 ngrok
it says:
ssh_exchange_identification: Connection closed by remote host
How do I access it?
See Unable to ssh into remote Linux by ngrok
but also try this from the new shell when you want to ssh into your ngrok
ssh <username>#0.tcp.ngrok.io -p 15909
where username is the user your sshing into
Related
I want to connect with SSH to my Server, at home it isn't a problem. But at work there is a HTTP Proxy between my PC and my Server. I am using MobaXterm for my SSH connection and on there Website https://mobaxterm.mobatek.net/plugins.html i can see the Plugin Corkscrew (Corkscrew allows to tunnel TCP connections through HTTP proxies). So SSH is a TCP based connection, so is it possible to create SSH connection through a HTTP Proxy?
I already installed the Plugin in MobaXterm but I can't find any option to do what i wan't. I googled it but i don't find any example for that with MobaXterm. Can anyone help me with this?
Try running man corkscrew in your MobaXterm terminal
Download that plugin and put it into Mobaxterm folder
&
vim ~/.ssh/config
Without username/password:
Host *
ProxyCommand /bin/corkscrew "proxy ip / domain" "port" %h %p
With username/password:
Host *
ProxyCommand /bin/corkscrew "proxy ip / domain" "port" %h %p /home/"user name"/.corkscrew-auth
vim .corkscrew-auth:
username:password
I am running Ansible on my machine. And my machine does not have ssh access to the remote machine. Port 22 connection originating from local machine are blocked by the institute firewall. But I have access to a machine (ssh-tunnel), through which I can login to the remote machine. Now is there a way we can run ansible playbook from local machine on remote hosts.
In a way is it possible to make Ansible/ssh connect to the remote machine, via ssh-tunnel. But not exactly login to ssh-tunnel. The connection will pass through the tunnel.
Other way is I can install ansible on ssh-tunnel, but that is not the desired and run plays from there. But that would not be a desired solution.
Please let me know if this is possible.
There are two ways to achieve this without install the Ansible on the ssh-tunnel machine.
Solution#1:
Use these variables in your inventory:
[remote_machine]
remote ansible_ssh_host=127.0.0.1 ansible_ssh_port=2222 ansible_ssh_user='username' ansible_ssh_private_key_file='/home/user/private_key'
hope you understand above parameters, if need help please ask in comments
Solution#2:
Create ~/.ssh/config file and add the following parameters:
####### Access to the Private Server through ssh-tunnel/bastion ########
Host ssh-tunnel-server
HostName x.x.x.x
StrictHostKeyChecking no
User username
ForwardAgent yes
Host private-server
HostName y.y.y.y
StrictHostKeyChecking no
User username
ProxyCommand ssh -q ssh-tunnel-server nc -q0 %h %p
Hope that help you, if you need any help, feel free to ask
No request to install ansible on the jump and remote servers, ansible is ssh service only tool :-)
First make sure you can work it directly with SSH Tunnel.
On local machine (Local_A), you can login to Remote machine (Remote_B) via jump box (Jump_C).
login server Local_A
ssh -f user#remote_B -L 2000:Jump_C:22 -N
The other options are:
-f tells ssh to background itself after it authenticates, so you don't have to sit around running something on the remote server for the tunnel to remain alive.
-N says that you want an SSH connection, but you don't actually want to run any remote commands. If all you're creating is a tunnel, then including this option saves resources.
-L [bind_address:]port:host:hostport
Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side.
There will be a password challenge unless you have set up DSA or RSA keys for a passwordless login.
There are lots of documents teaching you how to do the ssh tunnel.
Then try below ansible command from Local_A:
ansible -vvvv remote_B -m shell -a 'hostname -f' --ssh-extra-args="-L 2000:Jump_C:22"
You should see the remote_B hostname. Let me know the result.
Let's say you can ssh into x.x.x.x from your local machine, and ssh into y.y.y.y from x.x.x.x, while y.y.y.y is the target of your ansible playbook.
inventory:
[target]
y.y.y.y
playbook.yml
---
- hosts: target
tasks: ...
Run:
ansible-playbook --ssh-common-args="-o ProxyCommand='ssh -W %h:%p root#x.x.x.x'" -i inventory playbook.yml
I have remote host/server with ssh access.
I have my computer in my work network which can connect via ssh only
in within this network.
And i can not connect via ssh to other world because of port 22
blocked by firewall.
I am trying to create ssh tunnel to forward example localhost:80 to remote_server:22.(i suppose to connect via ssh to localhost and will be forwarded to my remote server)
I tried for example without proxy
sudo ssh -L localhost:443:remote_server_ip:22 root#remote_host_name
and with proxy
https://wiki.archlinux.org/index.php/Tunneling_SSH_through_HTTP_proxies_using_HTTP_Connect
I have read a lot and checked stackoverflow but it still is not clear for me how to resolve this issue.
I'm trying to use rsync to connect to an Rsync server. However, our company firewall blocks the 873 port used by rsync.
Using the following proxy configuration with corkscrew in the ~/.ssh/config file, I can bypass the firewall and connect to remote servers with SSH:
ProxyCommand /usr/local/bin/corkscrew our-http-proxy.domain.name 8080 %h %p
Thus, with the above configuration, I use ssh the following way, which lets me connect to a remote machine with no problem:
ssh -L 8080:localhost:80 username#remote.machine.name -p 443
My question is, can I use rsync to utilize such ssh tunnel, and connect to the Rsync server?
I so far tried a few ways to have rsync utilize the same ssh proxy configuration. One of them is as follows, which always results in ssh_exchange_identification: Connection closed by remote host:
rsync -CaLvz -e "ssh -L 873:remote.rsync-server.name:443" remote.rsync-server.name::remote-source-directory /local/target/directory/
Any ideas?
Is it possible to use tunneling to connect to a ssh server via telnet? I'm using an API that can only telnet to a host, but that host will only accept ssh connections. If it is possible, what do I need to do to set that up?
Use netcat and ssh
$ nc -l -p 12345 -c "ssh someone#remotehost.com"
make sure that you have RSA auth setup, since you cannot enter a password.
i think what would work would be to run a telnet server on a local port on the host and use ssh to forward that locally where the api could connect to it; but that's just a bit silly