Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: ssh decipher a tunnel
Top Forums UNIX for Advanced & Expert Users ssh decipher a tunnel Post 302455752 by moi on Wednesday 22nd of September 2010 10:46:29 AM
Old 09-22-2010
MySQL thanks
okay thanks a lot for the reply.
no problem with the account as shell login won't be enable, i will only use the connection for port tunneling. It's for a java program which will establish connection through the proxy to the postgresql server and to a RMI server(java equivalent for web services).
I will establish tunnels on the client side before launching the program using something like this :
ssh -L 5432:127.0.0.1:5432 -L 1099:127.0.0.1:1099 powerLessUser@postgreAndRmiServer
(5432 is the postgresql default port and 1099 the RMI one)
Thanks again for your reply Smilie
best regards, moi.

by the way is there a way to mark this post as resolved ??
Last edited by moi; 09-22-2010 at 12:03 PM.. Reason: adding precisions
 

10 More Discussions You Might Find Interesting

1. Programming

using a ssh tunnel with nx compression

hi everybody and thank you for this wondefrul forum this is my first thread posted here and i hope that i could find some help from your part (i am even sure) :D here is the situation: i am to develop an application of remote desktop access such as vnc, vpn and especially nx i want to develop... (0 Replies)
Discussion started by: bolboln01
0 Replies

2. UNIX for Advanced & Expert Users

Stopping SSH tunnel

I have initiated a tunnel for vncserver. now i want to stop it. is there any way except sleep option? (2 Replies)
Discussion started by: majid.merkava
2 Replies

3. Cybersecurity

RDP over SSH Tunnel

Hi all, I'm trying have an alternative way of connecting into a Corporate network. Mostly in case the VPN down as I cannot also change the security policy. I want to expose windows RDP over ssh tunnel. I have 3 hosts in my scenario 1- Host a : Windows 2k8 has no internet access just only an... (3 Replies)
Discussion started by: h@foorsa.biz
3 Replies

4. UNIX for Dummies Questions & Answers

SSH tunnel working for ssh but not for sshfs

I'm trying to setup a link between my home pc (work-machine) and a server at work (tar-machine) that is behind a gateway (hop-machine) and not directly accessible. my actions: work-machine$ ssh -L 1234:tar-machine:22 hop-machine work-machine$ ssh -p 1234 user@127.0.0.1 - shh access on... (1 Reply)
Discussion started by: Vathau
1 Replies

5. IP Networking

Help with SSH tunnel?

I have a Java web app on machine (X) that needs to talk to an LDAP server (Y) on :636, but the LDAP server is only accessible on a particular network. I can login to a machine (Z) on that network from X, and this machine can talk to the LDAP server on :636. How can I tunnel so that X can... (2 Replies)
Discussion started by: spacegoose
2 Replies

6. UNIX for Advanced & Expert Users

Ssh tunnel question

Hi all I have a suite of scripts that ssh to remote servers within a cluster and run some tests. This is done from a central server so that all of the test results can be captured in one location. Problem is I now have 509 tests and the number is growing. The scripts work by establishing a... (2 Replies)
Discussion started by: steadyonabix
2 Replies

7. Proxy Server

WebSocket over SSH tunnel - is it possible?

Hello, I have a video streaming application that utilizes a WebSocket for the server <-> client communication. My goal is to make the video streaming service available over the internet in the cases where neither the server nor client have public IPs. One way to do this is over a VPN... (8 Replies)
Discussion started by: Vladislav
8 Replies

8. UNIX for Dummies Questions & Answers

Open a ssh tunnel on particular port

Hello Community, We have Installed a LDAP Directory behind a Firewall with redirectory port on an Ubuntu virtual machine. The virtual machine is installed on an Ubuntu physical server, that hosts many other virtual machine. All the virtual machine are only joinable from the intern network. My... (11 Replies)
Discussion started by: tessa226
11 Replies

9. Solaris

Tunnel X over ssh for 11.3

Hello Solaris experts: Trying to bring the 11.3 gdm screen over ssh to a Linux Box: I did the following: 1. made chanes to /etc/ssh/sshd_config & bounced ssh daemon: # X11 tunneling options X11Forwarding yes X11DisplayOffset 10 X11UseLocalhost yes 2. From the remote Linux box: ... (6 Replies)
Discussion started by: delphys
6 Replies

10. UNIX for Advanced & Expert Users

Tunnel using SSH

I am not clear with the part of concept of Tunneling using ssh. ssh -f -N -L 1029 192.168.1.47:25 james@192.168.1.47 I found out that above code works for me . but didn't quite well understood how ti works and need to ask you guys some questions. since we are using tunnel through ssh ... (2 Replies)
Discussion started by: lobsang
2 Replies

LEARN ABOUT MOJAVE

jstatd

jstatd(1)						      General Commands Manual							 jstatd(1)

NAME

       jstatd - Virtual Machine jstat Daemon

SYNOPSIS

       jstatd [ options ]

DESCRIPTION

       The  jstatd  tool is an RMI server application that monitors for the creation and termination of instrumented HotSpot Java virtual machines
       (JVMs) and provides a interface to allow remote monitoring tools to attach to JVMs running on the local host.

       The jstatd server requires the presence of an RMI registry on the local host. The jstatd server will attempt to attach to the RMI  registry
       on  the	default  port,	or  on	the port indicated by the -p port option.  If an RMI registry is not found, one will be created within the
       jstatd application bound to the port indicated by the -p port option or to the default RMI registry port if -p port is omitted. Creation of
       an internal RMI registry can be inhibited by specifying the -nr option.

       NOTE  -	This  utility is unsupported and may or may not be available in future versions of the J2SE SDK.  It is not currently available on
       the Windows 98 and Windows ME platforms.

PARAMETERS

       options	      Command-line options. The options may be in any order. If there are redundant or	contradictory  options,  the  last  option
		      specified will take precedence.

OPTIONS

       The jstatd command supports the following options:

       -nr	      Do not attempt to create an internal RMI registry within the jstatd process when an existing RMI registry is not found.

       -p port	      Port number where the RMI registry is expected to be found, or, if not found, created if -nr is not specified.

       -n rminame     Name  to	which  the remote RMI object is bound in the RMI registry. The default name is JStatRemoteHost. If multiple jstatd
		      servers are started on the same host, the name of the exported RMI object for each server can be made unique by by  specify-
		      ing  this  option.  However, doing so will require that the unique server name be included in the monitoring client's hostid
		      and vmid strings.

       -Joption       Pass option to the java launcher called by javac. For example, -J-Xms48m sets the startup memory to 48 megabytes.  It  is  a
		      common convention for -J to pass options to the underlying VM executing applications written in Java.

SECURITY

       The  jstatd server installs an instance of RMISecurityPolicy if no other security manager has been installed and therefore requires a secu-
       rity policy file to be specified. The policy file must conform to the default policy implementation's Policy File Syntax.  The policy  file
       can be specified with the -J-Djava.security.policy=file

       The  following  policy  file will allow the jstatd server to run without any security exceptions. This policy is less liberal then granting
       all permissions to all codebases, but is more liberal than a policy that grants the minimal permissions to run the jstatd server.

	      grant codebase "file:${java.home}/../lib/tools.jar" {
		    permission java.security.AllPermission;
	      };

       To use this policy, copy the text into a file called jstatd.all.policy and run the jstatd server as follows:

	      jstatd -J-Djava.security.policy=jstatd.all.policy

       For sites with more restrictive security practices, Sun recommends that the jstatd security policy be  customized  to  meet  your  specific
       needs.

       The  jstatd  server  can  only  monitor JVMs for which it has the appropriate access permissions. However, jstatd does not perform any user
       level authentication or authorization checking.	Therefore, it opens access to the instrumentation exported  by	the  JVMs  for	which  the
       jstatd server has the appropriate access permissions, allowing arbitrary users on the network to monitor JVMs that might otherwise be inac-
       cessible. Such exposure may be unacceptable in your environment. Particular care should be exercised when running the  jstatd  server  with
       credentials that allow wide exposure, such as running the server with root permissions on UNIX based systems.

       The  exposure  introduced  by the jstatd server can be eliminated by not running the server, thus requiring all monitoring activities to be
       performed locally. Alternatively, the security policy file can be customized to limit access to specific trusted hosts.

REMOTE INTERFACE

       The interface exported by the jstatd process is proprietary and is guaranteed to change. Users and developers are discouraged from  writing
       to this interface.

EXAMPLES

       Here are some examples of starting jstatd. Note that the jstatd scripts automatically start the server in the background.

   Using Internal RMI Registry
       This  example demonstrates starting jstatd with an internal RMI registry. This example assumes that no other server is bound to the default
       RMI Registry port (port 1099).

	      jstatd -J-Djava.security.policy=all.policy

   Using External RMI Registry
       This example demonstrates starting jstatd with a external RMI registry.

	      rmiregistry&
	      jstatd -J-Djava.security.policy=all.policy

       This example demonstrates starting jstatd with an external RMI registry server on port 2020.

	      rmiregistry 2020&
	      jstatd -J-Djava.security.policy=all.policy -p 2020

       This example demonstrates starting jstatd with an external RMI registry on port 2020, bound to name AlternateJstatdServerName.

	      rmiregistry 2020&
	      jstatd -J-Djava.security.policy=all.policy -p 2020 -n AlternateJstatdServerName

   Inhibiting creation of an in-process RMI registry
       This example demonstrates starting jstatd such that it will not create a RMI registry if one is not found. This example assumes an RMI reg-
       istry is already running. If it is not, an appropriate error message is emitted.

	      jstatd -nr

   Enabling RMI logging capabilities
       This  example  demonstrates starting jstatd with RMI logging capabilities enabled. This technique is useful as a troubleshooting aid or for
       monitoring server activities.

	      jstatd -J-Djava.security.policy=all.policy -J-Djava.rmi.server.logCalls=true

       This example uses the Bourne Shell syntax for setting environment variables, other shells or command  interpreters  may	require  different
       syntax.

SEE ALSO

       java(1) jps(1) jstat(1) rmiregistry(1)

								   13 June 2004 							 jstatd(1)
All times are GMT -4. The time now is 09:53 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy