Hi guys, I'm trying to set up an Ubuntu VPN server that will forward an ssh connection automatically as a proxy to two separate LAN hosts.
What I'm looking at doing is making SSH listen on two ports (if that is possible) and get some kind of script, preferably something in bash, that will listen on those two ports and forward the connection to whichever host in the event of a successful connection.
Eg:
P 22 >> Host 1
P 4000 >> Host 2
The two hosts are running red Hat linux and a Windows variant and will be accessed initially from both Linux and Windows machines.
I was looking at getting ssh to listen on the separate ports by editing the
to add for example, port 4000 underneath port 22 and restart the service.
At the minute I have it all running on Amazon ec2.
Hi,
I have issues with running graphical interfaces on my computer being remotely logged into a network via the -X option of ssh. My .cshrc shows DISPLAY=hostname:0 and I think there should be a different number instead of the 0. I changed the ssh_config file already to 'X11 forwarding yes', which... (0 Replies)
Hi,
from my workplace we use a proxy to connect to the outside world, including external ssh servers.
The problem is that the server is seeing the connection coming from the proxy and knows nothing about the client behind it. The ssh connection itself works fine, but x-forwarding does not work as... (1 Reply)
Hi Experts,
I am trying to have the SSH tunnel Remote forwarding command in a shell script. I should be able to do 2 tasks, but unable to get that going.
1) I have 3 servers Server 1, Server 2, Server 3.
I have my Database running on Server 1 and my script running on Server 2 which should... (0 Replies)
So this seems like something that should be simple...but I can't quite seem to get it up and running. I have a machine, .107 with a GUI on port 8443. The problem is that I can't connect directly to .107 from my laptop. Now I have another machine, .69 that can connect to .107. So shouldn't I be able... (4 Replies)
I have an application that runs on the server with root privileges and all emails it sends get sent to root (errors, logs, etc), when they should actually go to one of application admins.
I would like to separate these emails from the OS related one sent to root and forward them to that... (2 Replies)
Hi,
Local PC - Ubuntu 11.04 desktop
Remote PC - Debian 6.0 desktop
My problem is 2 desktops, remote and local, are displayed on the same workplace on local PC. It would be quite confusing. Is there any way to display each desktop on one workplace(on its own workplace) OR displaying both... (0 Replies)
Hello my friends , i am totally stuck in ssh port forwarding topic
i had learn iptables and other networking topic without any problem but ssh port forwarding is headache
1. local port = what is this ? is this incoming traffic or outgoing traffic
2. remote port = same as above
3. dynamic... (2 Replies)
Hi,
I'm trying to connect ftp over ssh port forwarding to a sever(UnixC) behind FireWall(F/W). here's my env and question.
UnixA(SSH Client) ----F/W ---- UnixB(SSH Svr) ---- UnixC (FTP, 21)
UnixA wants to connect ftp service of UnixC via SSH port forwarding on UnixB.
Unix A,... (3 Replies)
I have a few questions below on ports.
From my understanding ports are what allow information to come into your computer and each port interprets/allows specific information/data to come in. Is this correct from a ball park perspective? If not could some elaborate on this please.
What... (1 Reply)
Here's a situation:
I do all my work on a Mac. I have mysql installed on my mac.
1. There's a certain linux server 'server01' that provides access to
another linux server 'server02' via a pseudo terminal
So, to ssh into 'server02', I do this from my mac:
ssh -t server01... (1 Reply)
Discussion started by: imperialguy
1 Replies
LEARN ABOUT REDHAT
ssh-keyscan
SSH-KEYSCAN(1) BSD General Commands Manual SSH-KEYSCAN(1)NAME
ssh-keyscan -- gather ssh public keys
SYNOPSIS
ssh-keyscan [-v46] [-p port] [-T timeout] [-t type] [-f file] [host | addrlist namelist] [...]
DESCRIPTION
ssh-keyscan is a utility for gathering the public ssh host keys of a number of hosts. It was designed to aid in building and verifying
ssh_known_hosts files. ssh-keyscan provides a minimal interface suitable for use by shell and perl scripts.
ssh-keyscan uses non-blocking socket I/O to contact as many hosts as possible in parallel, so it is very efficient. The keys from a domain
of 1,000 hosts can be collected in tens of seconds, even when some of those hosts are down or do not run ssh. For scanning, one does not
need login access to the machines that are being scanned, nor does the scanning process involve any encryption.
The options are as follows:
-p port
Port to connect to on the remote host.
-T timeout
Set the timeout for connection attempts. If timeout seconds have elapsed since a connection was initiated to a host or since the
last time anything was read from that host, then the connection is closed and the host in question considered unavailable. Default
is 5 seconds.
-t type
Specifies the type of the key to fetch from the scanned hosts. The possible values are ``rsa1'' for protocol version 1 and ``rsa''
or ``dsa'' for protocol version 2. Multiple values may be specified by separating them with commas. The default is ``rsa1''.
-f filename
Read hosts or addrlist namelist pairs from this file, one per line. If - is supplied instead of a filename, ssh-keyscan will read
hosts or addrlist namelist pairs from the standard input.
-v Verbose mode. Causes ssh-keyscan to print debugging messages about its progress.
-4 Forces ssh-keyscan to use IPv4 addresses only.
-6 Forces ssh-keyscan to use IPv6 addresses only.
SECURITY
If a ssh_known_hosts file is constructed using ssh-keyscan without verifying the keys, users will be vulnerable to attacks. On the other
hand, if the security model allows such a risk, ssh-keyscan can help in the detection of tampered keyfiles or man in the middle attacks which
have begun after the ssh_known_hosts file was created.
EXAMPLES
Print the rsa1 host key for machine hostname:
$ ssh-keyscan hostname
Find all hosts from the file ssh_hosts which have new or different keys from those in the sorted file ssh_known_hosts:
$ ssh-keyscan -t rsa,dsa -f ssh_hosts |
sort -u - ssh_known_hosts | diff ssh_known_hosts -
FILES
Input format:
1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4
Output format for rsa1 keys:
host-or-namelist bits exponent modulus
Output format for rsa and dsa keys:
host-or-namelist keytype base64-encoded-key
Where keytype is either ``ssh-rsa'' or ``ssh-dsa''.
/etc/ssh/ssh_known_hosts
BUGS
It generates "Connection closed by remote host" messages on the consoles of all the machines it scans if the server is older than version
2.9. This is because it opens a connection to the ssh port, reads the public key, and drops the connection as soon as it gets the key.
SEE ALSO ssh(1), sshd(8)AUTHORS
David Mazieres <dm@lcs.mit.edu> wrote the initial version, and Wayne Davison <wayned@users.sourceforge.net> added support for protocol ver-
sion 2.
BSD January 1, 1996 BSD