Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSH port forwarding/tunneling
Top Forums UNIX for Dummies Questions & Answers SSH port forwarding/tunneling Post 302451864 by DeCoTwc on Wednesday 8th of September 2010 09:41:46 AM
Old 09-08-2010
I'm on a Windows machine, but I have ssh & Cygwin installed. I also have a Linux VM.
 

10 More Discussions You Might Find Interesting

1. Solaris

ssh tunneling

Hi, I have tried the following: on PC1 (win xp) I have created ssh connection with port forwarding (local 8888 to remote 8888) to server1. >From server1 I have created another ssh connection with port forwarding to server2(local 8888 to remote 1521). When I try to connect to oracle... (3 Replies)
Discussion started by: goran00
3 Replies

2. UNIX for Advanced & Expert Users

SSH Tunneling

Hi all question - there are 2 servers A + B. server A is connected to the internet and running a squid proxy server - server B is behind a firewall. I can ssh from A to B but not from B to A. I need internet access on B to update some files. I thought I could use some sort of ssh tunnel to... (1 Reply)
Discussion started by: silvaman
1 Replies

3. Filesystems, Disks and Memory

Tunneling NFS through SSH????

Hello Folks, Im trying to pass the NFS Shared data through the SSH tunnel. Following are the Steps for my Executions: A) Commands Executed on Server (NFS Server + SSHD Server running) i) share -F nfs -o rw=<NFS Server IP> /home ii) Start the NFS Server Services and SSHD Services. ... (3 Replies)
Discussion started by: ImpeccableCode
3 Replies

4. Cybersecurity

ssh X-forwarding and remote forwarding behind proxy

Hi, from my workplace we use a proxy to connect to the outside world, including external ssh servers. The problem is that the server is seeing the connection coming from the proxy and knows nothing about the client behind it. The ssh connection itself works fine, but x-forwarding does not work as... (1 Reply)
Discussion started by: vampirodolce
1 Replies

5. IP Networking

SSH Port Forwarding - sharing the same port

Hi Linux/Unix Guru, I am setting Linux Hopping Station to another different servers. My current config to connect to another servers is using different port to connect. e.g ssh -D 1080 -p 22 username@server1.com ssh -D 1081 -p 22 username@server2.com Now what I would like to have... (3 Replies)
Discussion started by: regmaster
3 Replies

6. Infrastructure Monitoring

Tunneling UDP via SSH

Performing UDP tunneling through an SSH connection Found this while looking for a way to temporarily forward SNMP requests across otherwise disconnected networks. Might be useful for someone else, too. (1 Reply)
Discussion started by: pludi
1 Replies

7. IP Networking

Totally stucked in ssh port forwarding

Hello my friends , i am totally stuck in ssh port forwarding topic i had learn iptables and other networking topic without any problem but ssh port forwarding is headache 1. local port = what is this ? is this incoming traffic or outgoing traffic 2. remote port = same as above 3. dynamic... (2 Replies)
Discussion started by: rink
2 Replies

8. IP Networking

Ftp over SSH port forwarding

Hi, I'm trying to connect ftp over ssh port forwarding to a sever(UnixC) behind FireWall(F/W). here's my env and question. UnixA(SSH Client) ----F/W ---- UnixB(SSH Svr) ---- UnixC (FTP, 21) UnixA wants to connect ftp service of UnixC via SSH port forwarding on UnixB. Unix A,... (3 Replies)
Discussion started by: hanyunq
3 Replies

9. IP Networking

Ssh port forwarding through a pseudo terminal

Here's a situation: I do all my work on a Mac. I have mysql installed on my mac. 1. There's a certain linux server 'server01' that provides access to another linux server 'server02' via a pseudo terminal So, to ssh into 'server02', I do this from my mac: ssh -t server01... (1 Reply)
Discussion started by: imperialguy
1 Replies

10. UNIX for Dummies Questions & Answers

Ssh tunneling

I want to perform ssh tunnelling for which I have been using PuTTy. Config is as follows: Host IP: 172.XX.XX.111Port: 22Tunnel setting source port: 19005Destination: 172.XX.XX.40:1521After entering my user ID and password, I am able to see in my command prompt that 127.0.0.1:19005 is listening.... (1 Reply)
Discussion started by: aakashsoor
1 Replies

LEARN ABOUT DEBIAN

svn::notify::mirror::ssh

SVN::Notify::Mirror::SSH(3pm)				User Contributed Perl Documentation			     SVN::Notify::Mirror::SSH(3pm)

NAME

       SVN::Notify::Mirror::SSH - Mirror a repository path via SSH

SYNOPSIS

       Use svnnotify in post-commit:

	 svnnotify --repos-path "$1" --revision "$2" 
	  --handler Mirror::SSH --to "/path/to/www/htdocs" 
	  [--svn-binary /full/path/to/svn] 
	  [[--ssh-host remote_host] [--ssh-user remote_user] 
	  [--ssh-tunnel 10.0.0.2] 
	  [--ssh-identity /home/user/.ssh/id_rsa]]

       or better yet, use SVN::Notify::Config for a more sophisticated setup:

	 #!/usr/bin/perl -MSVN::Notify::Config=$0
	 --- #YAML:1.0
	 '':
	   PATH: "/usr/bin:/usr/local/bin"
	 'path/in/repository':
	   handler: Mirror
	   to: "/path/to/www/htdocs"
	 'some/other/path/in/repository':
	   handler: Mirror::SSH
	   to: "/path/to/remote/www/htdocs"
	   ssh-host: "remote_host"
	   ssh-user: "remote_user"
	   ssh-tunnel: "10.0.0.2"
	   ssh-identity: "/home/user/.ssh/id_rsa"

DESCRIPTION

       Keep a directory in sync with a portion of a Subversion repository.  Typically used to keep a development web server in sync with the
       changes made to the repository.	This directory can either be on the same box as the repository itself, or it can be remote (via SSH
       connection).

USAGE

       Depending on whether the target is a "Local Mirror" or a Remote Mirror, there are different options available.  All options are available
       either as a commandline option to svnnotify or as a hash key in SVN::Notify::Config (see their respective documentation for more details).

   Working Copy on Mirror
       Because 'svn export' is not able to be consistently updated, the sync'd directory must be a full working copy, and if you are running
       Apache, you should add lines like the following to your Apache configuration file:

	 # Disallow browsing of Subversion working copy
	 # administrative directories.
	 <DirectoryMatch "^/.*/.svn/">
	  Order deny,allow
	  Deny from all
	 </DirectoryMatch>

       The files in the working copy must be writeable (preferrably owned) by the user identity executing the hook script (this is the user
       identity that is running Apache or svnserve respectively).

Local Mirror
       Please see " SVN::Notify::Mirror " for details.

   Remote Mirror
       Used for directories not located on the same machine as the repository itself.  Typically, this might be a production web server located in
       a DMZ, so special consideration must be paid to security concerns.  In particular, the remote mirror server may not be able to directly
       access the repository box.

       NOTE: be sure and consult "Remote Mirror Pre-requisites" before configuring your post-commit hook.

       o   ssh-host

	   This value is required and must be the hostname or IP address of the remote host (where the mirror directories reside).

       o   ssh-user

	   This value is optional and specifies the remote username that owns the working copy mirror.

       o   ssh-identity

	   This value may be optional and should be the full path to the local identity file being used to authenticate with the remote host. If
	   you are setting the ssh-user to be something other than the local user name, you will typically also have to set the ssh-identity.

       o   ssh-tunnel

	   If the remote server does not have direct access to the repository server, it is possible to use the tunneling capabilities of SSH to
	   provide temporary access to the repository.	This works even if repository is located internally, and the remote server is located
	   outside of a firewall or on a DMZ.

	   The value passed for ssh-tunnel should be the IP address to which the local repository service is bound (when using svnserve).  This
	   will tunnel port 3690 from the repository box to localhost:3690 on the remote box.  This must also be the way that the original working
	   copy was checked out (see below).

	   To tunnel some other port, for example when using Apache/mod_dav, ssh-tunnel should be the entire mapping expression, as described in
	   the OpenSSH documentation under the "-R" option (remote port forwarding).  For most sites, passing "8080:10.0.0.2:80" will work (which
	   will tunnel port 80 from the repository to port 8080 on the remote client).	If you are using SSL with Apache, you can use e.g.
	   "80443:10.0.0.2:443".

	   For example, see "Remote Mirror Pre-requisites" and after step #6, perform the following additional steps (when using svnserve):

	     # su - localuser
	     $ ssh -i .ssh/id_rsa remote_user@remote_host -R3690:10.0.0.2:3690
	     $ cd /path/to/mirror/working/copy
	     $ svn co svn://127.0.0.1/repos/path/to/files .

	   where 10.0.0.2 is the IP address hosting the repository service.  For the same configuration when using Apache/mod_dav, do this
	   instead:

	     # su - localuser
	     $ ssh -i .ssh/id_rsa remote_user@remote_host -R8080:10.0.0.2:80
	     $ cd /path/to/mirror/working/copy
	     $ svn co http://127.0.0.1:8080/repos/path/to/files .

       o   ssh-options

	   If you have any other options that you would like to pass to the ssh client (for example to change the default SSH port), you can pass
	   extra options using this parameter.	Be sure that you pass it a string that has ssh long option/value pairs separated by a space, or
	   short options without any space at all.  Internally, parameter is split on spaces and passed in the @Net::SSH::options array.

   Remote Mirror Pre-requisites
       Before you can configure a remote mirror, you need to produce an SSH identity file to use:

       1. Log in as repository user
	   Give the user identity being used to execute the hook scripts (the user running Apache or svnserve) a shell and log in as that user,
	   e.g. "su - svn";

       2. Create SSH identity files on repository machine
	   Run "ssh-keygen" and create an identity file (without a password).

       3. Log in as remote user
	   Perform the same steps as #1, but this time on the remote machine.  This username doesn't have to be the same as in step #1, but it
	   must be a user with full write access to the mirror working copy.

       4. Create SSH identity files on remote machine
	   It is usually more efficient to go ahead and use "ssh-keygen" to create the .ssh folder in the home directory of the remote user.

       5. Copy the public key from local to remote
	   Copy the .ssh/id_dsa.pub (or id_rsa.pub if you created an RSA key) to the remote server and add it to the .ssh/authorized_keys for the
	   remote user.  See the SSH documentation for instructions on how to configure

       6. Confirm configuration
	   As the repository user, confirm that you can sucessfully connect to the remote account, e.g.:

	     # su - local_user
	     $ ssh -i .ssh/id_rsa remote_user@remote_host

	   This is actually a good time to either check out the working copy or to confirm that the remote account has rights to update the
	   working copy mirror.  If the remote server does not have direct network access to the repository server, you can use the tunnel
	   facility of SSH (see ssh-tunnel above) to provide access (e.g.  through a firewall).

       Once you have set up the various accounts, you are ready to set your options.

AUTHOR

       John Peacock <jpeacock@cpan.org>

COPYRIGHT

       Copyright (c) 2005-2008 John Peacock

       This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

       The full text of the license can be found in the LICENSE file included with this module.

SEE ALSO

       SVN::Notify, SVN::Notify::Config, SVN::Notify::Mirror

POD ERRORS

       Hey! The above document had some coding errors, which are explained below:

       Around line 278:
	   You forgot a '=back' before '=head1'

perl v5.14.2							    2012-07-04					     SVN::Notify::Mirror::SSH(3pm)
All times are GMT -4. The time now is 11:45 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy