02-27-2007
SSH Tunneling
Hi all
question -
there are 2 servers A + B. server A is connected to the internet and running a squid proxy server - server B is behind a firewall. I can ssh from A to B but not from B to A. I need internet access on B to update some files. I thought I could use some sort of ssh tunnel to achieve this.
I was thought a remote port forward from A to B. I configured this ( from server A do 'ssh -R 1234:squidproxy_ipaddress:3128 user@server_B) and got a http 403 error when doing the update on B and pointing at localport 1234 which , i thought, indicated a permissions issue on the squid proxy no problem to sort out - except i dont have permissions to do it
- the sysadmin can sort it out though
however
The sysadmin says it wont work I should be doing a local port forward on A - i configured this (ssh -L:localhost:3128 user@serverB) and got a 'connection refused error' when doing the update from server B
its not resolved yet as sysadmins unavailable but out of curiosity who is right here - these tunnels can get a bit confusing! - thoughts appreciated as always
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hello,
I am within a LAN system and I need to be able to tunnel out (and recv UDP) packets.
Currently the router automatically drops UDP packets.
My PC cant see the outside world, nor ping, but it can connect via SSH to a server on the "edge" of the network which can see everything. I... (2 Replies)
Discussion started by: ErNci
2 Replies
2. Solaris
Hi,
I have tried the following:
on PC1 (win xp) I have created ssh connection with port forwarding
(local 8888 to remote 8888) to server1.
>From server1 I have created another ssh connection with port
forwarding to server2(local 8888 to remote 1521).
When I try to connect to oracle... (3 Replies)
Discussion started by: goran00
3 Replies
3. Filesystems, Disks and Memory
Hello Folks,
Im trying to pass the NFS Shared data through the SSH tunnel. Following are the Steps for my Executions:
A) Commands Executed on Server (NFS Server + SSHD Server running)
i) share -F nfs -o rw=<NFS Server IP> /home
ii) Start the NFS Server Services and SSHD Services.
... (3 Replies)
Discussion started by: ImpeccableCode
3 Replies
4. UNIX for Advanced & Expert Users
Hi - I frequently run commands, and transfer files to/from a host that uses SecurID ssh authentication. It is a real pain to have to enter the authentication information every time I want to interact with this host. I am wondering if there is a way to establish a one-time ssh connection to this... (2 Replies)
Discussion started by: cpp6f
2 Replies
5. Infrastructure Monitoring
Performing UDP tunneling through an SSH connection
Found this while looking for a way to temporarily forward SNMP requests across otherwise disconnected networks. Might be useful for someone else, too. (1 Reply)
Discussion started by: pludi
1 Replies
6. UNIX for Dummies Questions & Answers
So this seems like something that should be simple...but I can't quite seem to get it up and running. I have a machine, .107 with a GUI on port 8443. The problem is that I can't connect directly to .107 from my laptop. Now I have another machine, .69 that can connect to .107. So shouldn't I be able... (4 Replies)
Discussion started by: DeCoTwc
4 Replies
7. Shell Programming and Scripting
Is it secure to use free shells for ssh tunneling? Can the shell provider see and log the sites I visit and passwords I enter?
I'm new to this thing and couldn't find info on google :o (5 Replies)
Discussion started by: rafunk
5 Replies
8. UNIX for Advanced & Expert Users
Hi!
I came to know about SSH Tunneling to bypass the Firewall.
I will have to setup a free access SSH server to tunnel data access through PUTTY or OpenSSH.
The problem is that I don't know about any free access servers.
So, can anyone of you guide me for that, for any type of help? (1 Reply)
Discussion started by: nixhead
1 Replies
9. UNIX for Dummies Questions & Answers
I want to perform ssh tunnelling for which I have been using PuTTy. Config is as follows:
Host IP: 172.XX.XX.111Port: 22Tunnel setting source port: 19005Destination: 172.XX.XX.40:1521After entering my user ID and password, I am able to see in my command prompt that 127.0.0.1:19005 is listening.... (1 Reply)
Discussion started by: aakashsoor
1 Replies
10. Shell Programming and Scripting
I have a process running on my local server.
http://dev.techx.com:6060/proct
I wish to block port 6060 and expose port 7777 to the outside world.
I block port 6060 and open port 7777 on the firewall.
What should be the PuTTY Settings -> Connection -> SSH -> Tunnels
1. Destination ... (3 Replies)
Discussion started by: mohtashims
3 Replies
LEARN ABOUT DEBIAN
squid3_radius_auth
squid_radius_auth(8) System Manager's Manual squid_radius_auth(8)
NAME
squid_radius_auth - Squid RADIUS authentication helper
SYNOPSIS
squid_radius_auth -f configfile
squid_radius_auth -h "server" [-p port] [-i identifier] -w secret
DESCRIPTION
This helper allows Squid to connect to a RADIUS server to validate the user name and password of Basic HTTP authentication.
-f configfile
Specifies the path to a configuration file. See the CONFIGURATION section for details.
-h server
Alternative method of specifying the server to connect to
-p port
Specify another server port where the RADIUS server listens for requests if different from the default RADIUS port. Normally not
specified.
-i identifier
Unique identifier identifying this Squid proxy to the RADIUS server. If not specified the IP address is used as to identify the
proxy.
-w secret
Alternative method of specifying the shared secret. Using the configuration file is generally more secure and recommended.
-t timeout
RADIUS request timeout. Default 10 seconds.
CONFIGURATION
The configuration specifies how the helper connects to RADIUS. The file contains a list of directives (one per line). Lines beginning with
a # is ignored.
server radiusserver
specifies the name or address of the RADIUS server to connect to.
secret somesecretstring
specifies the shared RADIUS secret.
identifier nameofserver
specifies what the proxy should identify itsels as to the RADIUS server. This directive is optional.
port portnumber
Specifies the port number or service name where the helper should connect.
AUTHOR
This manual page was written by Henrik Nordstrom <hno@squid-cache.org>
squid_radius_auth is written by Marc van Selm <selm@cistron.nl> with contributions from Henrik Nordstrom <hno@squid-cache.org> and many
others
QUESTIONS
Any questions on usage can be sent to Squid Users <squid-users@squid-cache.org>, or to your favorite RADIUS list/friend if the question is
more related to RADIUS than Squid.
REPORTING BUGS
Report bugs or bug-fixes to Squid Bugs <squid-bugs@squid-cache.org> or ideas for new improvements to Squid Developers <squid-dev@squid-
cache.org>
SEE ALSO
RFC2058 - Remote Authentication Dial In User Service (RADIUS)
Squid RADIUS Auth 7 August 2004 squid_radius_auth(8)