How do you do DNS over SSH using Windows client and linux server reliably?
I found a reliable way to do it using socat -> ssh -> socat
Related
My company uses a Yubikey to connect to the ssh consoles of the systems we manage. The Yubikey uses gpg to access the ssh private key on the card, but it fails to work through Mysql Workbench and we are forced to use SequelPro. How do we get Mysql WorkBench ssh authentication through the yubikey?
Fyi, I contacted Mysql community and YubiCo and neither had an answer.
I found that we could just bind the remote MySQL port, 3306, to a local port, like 400. Assuming you have ssh working already with the Yubikey, of course. This was developed on my Ubuntu 20.04 LTS desktop, but could just as easily work on MacOSX or other Linux distros.
ssh user#host -L 4000:localhost:3306
Then in Mysql WorkBench you make a localhost tcp connection on port 4000 and you are tunneling through the ssh connection.
I have a client and a server. there is a firewall between them such that the client can ssh to the server, but the server can not ssh to the client.
i'd like to set up an ssh tunnel from the client to the server that would allow the server to make ssh connections back to the client.
I know there are several posts on ssh tunneling, but have not found anything that talks about this. I know its possible I just can't find it.
thanks for your time.
Try on the client
ssh -R 45849:127.0.0.1:22 <server_user#server>
Then on the server you should be able to do
ssh -p 45849 <client_user#127.0.0.1>
That's if I got everything right, otherwise try switching the 45849 and the 22 on the '-R'.
Later edit:
I've just tested it, it's all good (I was on the phone first). For something to go wrong you will have to have at least one of the following problems:
port forwarding disable on either of the servers. Check with sudo grep AllowTcpForwarding /etc/ssh/sshd_config, make sure it says yes
sshd server binding/listening interface on the client. Check with sudo netstat -lntp | grep ssh, you should see "0.0.0.0:22" listed (not sure if ":::22" helps), if you find another IP address use it instead of the "127.0.0.1" in the "-R" argument.
Here's the thing. I'd like to access a remote host by ssh, and make a tunnel as a proxy. I did it on my windows computer with Putty. In putty, there is a "tunnels" options, add a dynamic tunnel would do the trick. That is, a (dynamic, that is in the putty's option, I don't really know what it means)tunnel at port 1111, and then I can access the internet though socks5 proxy 127.0.0.1:1111.
But now I want to make the tunnel on my openwrt router, 192.168.1.1, and access the proxy as 192.168.1.1:1111. I want to know how. There are two major question:
1.the proper command of ctl ssh to make a tunnel just as the putty did. I googled a few, but because of the 2nd question, I never know which one is correct.
2.how can I access the tunnel on the router though 192.168.1.1:1111. As I tried before with ss_local(another proxy program), I established a socks locally but it can never be accessed by my another LAN host. Are there some firewall things to do?
Does anyone know the answers? Thank you!
This is what I did to access remotely to my AP.
I used a SSH Reverse Tunnel to a remote server. Here I dump a simple script to achieve it.
key_ssh=/root/.ssh/id_rsa
user=root
ip='YOUR_SERVER_IP'
port='THE_PORT_YOU_WANT_TO_CONNECT_THROUGH'
#connect ssh
ssh -f -N -i $key_ssh -R 0.0.0.0:$port:localhost:22 $user#$ip
And in your remote server you type:
sudo su
ssh -p THE_PORT_YOU_WANT_TO_CONNECT_THROUGH localhost
You will be asked for the root password, type it and you're in.
I'm using SSH tunneling for the first time, so I'm trying to understand how to configure it.
I've got a remote Linux server that hosts a MySQL database that I'm trying to connect to. In order to access the MySQL database directly through a software that only recognizes local databases, I suppose SSH tunneling would be the right way to set up the access, correct?
Now, I'm trying to set up the tunneling on my 'home' computer which is running the software that's trying to access the MySQL database. My first question is whether this is reverse tunneling or normal tunneling? Secondly, is it local tunneling or remote tunneling?
Finally, from what I understand, my code is supposed to look something like
ssh -L 8080:mylinuxserver.mycompany.com:22 myuser#mylinuxserver.mycompany.com
Is this correct? Is my source port '22' since I'm using SSH and is my destination port 8080 (or is there something more appropriate)?
When I try to use the above code, I am able to login using my passphrase (since my key is already in the MyLinuxServer) but when I ping localhost:8080, it cannot find the host.
What am I doing wrong?
I've got a remote Linux server that hosts a MySQL database that I'm trying to connect to
The command should be:
ssh -L 8080:localhost:3306 myuser#mylinuxserver.mycompany.com
Where:
8080: is hte local port on your workstation
localhost: is corresponding to mylinuxserver.mycompany.com
3306: the MySQL port on above localhost.
then connect (from your workstation) to MySQL as:
mysql -h 127.0.0.1 --port=8080
Besides, ping localhost:8080 is wrong. Ping cannot work that way.
Try this:
ssh -f ssh_user#mylinuxserver.mycompany.com -L 3307:mysql1.example.com:3306 -N
Next, to access the mysql your trying to connect to:
mysql -h 127.0.0.1 -P 3307
Is it possible to use tunneling to connect to a ssh server via telnet? I'm using an API that can only telnet to a host, but that host will only accept ssh connections. If it is possible, what do I need to do to set that up?
Use netcat and ssh
$ nc -l -p 12345 -c "ssh someone#remotehost.com"
make sure that you have RSA auth setup, since you cannot enter a password.
i think what would work would be to run a telnet server on a local port on the host and use ssh to forward that locally where the api could connect to it; but that's just a bit silly