I am trying to access a linux server through ssh. Typically this is accessed through a Win2012 jump server using putty.
I was able to setup a reverse ssh connection in putty from jump server to a AWS VM through HTTP proxy. And this was supposed to forward it to my linux server. But when I connect to my AWS VM and initiate ssh over my remote port, the whole thing just hangs. What am I doing wrong, and is there a better/easier way? No malicious intent, I have physical access to both jump server and linux server. Just bypassing shitty corp firewall.
Can you explain what you did in details ?
Typically on unix systems, for a reverse ssh tunnel, you can do this on your server behind the firewall:
ssh -NR ssh_port_AWS:localhost:ssh_port_local_server user#ip_AWS
You need to replace
ssh_port_AWS by the port of the distant server that you want to use to access the local server.
ssh_port_local_server by the port of the ssh server of your local server (if you don't change anything, 22).
user#ip_AWS by your AWS connection details (user#IP)
Related
I have a server installed on VM and a LDAP(opendj) server created using Apache Directory Studio on my host computer. Now, I would like to connect that LDAP server to local VM so that the VM server can pull user's information from LDAP server. is it possible to do that? I could not understand how to establish a communication between these two server.
Thanks.
Remote Port Forwarding actually does work here.
my ldap server port was 10389.
I have created a tunnel from host to vm:
ssh -R 10389:localhost:10389 root#172.16.130.132(vm-ip)
after then, vm can reach to the host through this port (10389).
Sorry, I don't have that much knowledge on ssh. But this one worked for me.
I would like to connect the remote machine to my local VPN and then ssh to that remote machine from the other machines in my local network.
Is this possible? Will the remote machine get new IP which will be visible in my local network? Do I need to configure anything manually?
I'm using FortiClient for VPN.
Yes this is absolutely possible. Try Following steps
1-Deploy VPN and assign the ipranges in DHCP public or private
2-Make Sure to turn off the firewall for vpn server for now
3-Turn off the Clients Firewall
4-Connect to VPN
5-If your connection loose try to see the client's IP from server
side and try to take SSH
6-Take ssh from your server
7- Ping the server from other local machines
8-Then enable the server side firewall and see the effect if ssh is
still possible if not make a rule for specific port for ssh
I'm trying to establish a secure connection to my emr server on AWS.
I have successfully connected through putty to it. However I would like to use zeppelin through the SSH tunnel.
Does the following look correct to forward the port 8890 from the EMR host to my local machines 8890 so that traffic is encrypted? Im on a windows machine.
Thanks,
Tim
Destination is in respect to the SSH Server. Providing Localhost:8890 will mean 8890 of the machine on which SSH server is running.
There are complicated situation.
Participants: Laptop, development server, server2, server1.
From my laptop via ssh I need access development server (ssh only).
From development server I need access server2 (ssh only).
From servers2 browser (lynx) I need access server1 (uses https).
Is it possible to forward ssh ports and access server1 using my laptop browser?
Please, advice me :)
If you forward your ssh port, you cannot connect to the original server anymore. However, you can assign your ssh server different ports. These can be forwarded.
I am currently trying to work out how to SSH to servers behind firewalls that deny all incoming connections. The servers can SSH out, so I am wondering if there is a way to get the server behind the firewall to create an SSH tunnel to my workstation, then allow my workstation to send commands back to the server through it?
I have looked into tunneling / reverse tunneling, but these appear to be port forwarding solutions, which will not work as the firewall denies all connections on all ports.
Ideally, I would like to do this in Ruby (using the Net::SSH gem), such that instead of opening a new connection like:
Net::SSH.start('host', 'user', :password => "password")
I could somehow bind to an existing tunnel.
Thanks!
This is fairly simple if you have control over the server. I'll give the command-line version, and you can work that into any framework you like:
server$ ssh -R 9091:localhost:22 client.example.egg
client$ ssh -p 9091 localhost
The server establishes a connection to the client first which starts listening on the "R"emote end (i.e. the client) on port 9091 (something I just made up), and forwards those connections to localhost:22, i.e. to the ssh server on itself.
The client then just needs to connect to its own local port 9091, which is transparently forwarded to the server's ssh server.
This will usually wreak havoc to your public key checking (and adherent security!), because the client's ssh client doesn't know that localhost:9091 is the same as server:22. If your client is Putty, then you have an option to provide the "real" server name somewhere so that the credentials can be looked up properly.
Unless you can create (and maintain) a tunnel out from the host you're trying to connect to first (which would allow you then to connect through that tunnel), no you can't. That's the point of a firewall: prevent unauthorised access to a network.
However the firewall shouldn't block a tunnel, although it depends exactly how the tunnel's managed. A port-forwarding tunnel set up using ssh's tunneling features would subvert the firewall. However it may also get you in trouble with the administrator of the remote network.
So ultimately, you'd need to speak to the network administrator to get the firewall rules relaxed in order to do it without needing to tunnel, or at least get authorisation to have a tunnel.