01-13-2015
Quote:
Originally Posted by
Vladislav
The problem is that the WebSocket client will always allocate a random port when initializing the communication and the SSH-relay point has no idea how to handle the responses coming from the server on that port.
An SSH tunnel might not be the right tool for the job then, a VPN sounds more suitable. The VPN itself will communicate on a predictable IP and port, but to the applications on either side, can generate traffic that appears to come from another subnet, as if you had two new network cards and a miles-long cable connecting you two directly. Hence 'virtual', 'private', and 'network'.
10 More Discussions You Might Find Interesting
1. Programming
hi everybody and thank you for this wondefrul forum
this is my first thread posted here and i hope that i could find some help from your part (i am even sure) :D
here is the situation: i am to develop an application of remote desktop access such as vnc, vpn and especially nx
i want to develop... (0 Replies)
Discussion started by: bolboln01
0 Replies
2. UNIX for Advanced & Expert Users
Two question here, but it's only one on the protocol point of view.
If two persons use the same key to connect to a SSH server is there a risk they can decipher the other tunnel. In other terms is that less safe than if they have two separate keys.
Same question if two persons use the same user... (2 Replies)
Discussion started by: moi
2 Replies
3. UNIX for Advanced & Expert Users
I have initiated a tunnel for vncserver. now i want to stop it. is there any way except sleep option? (2 Replies)
Discussion started by: majid.merkava
2 Replies
4. IP Networking
I have situation:
- localhost L
- server A
- server B (currently accessible only from B, but it have key of my localhost - added when L have different location and can access directly to B)
problem:
how set tunnel from L to B and use key from localhost (I don't remember password to B)?
I... (0 Replies)
Discussion started by: lessmore
0 Replies
5. Cybersecurity
Hi all,
I'm trying have an alternative way of connecting into a Corporate network. Mostly in case the VPN down as I cannot also change the security policy.
I want to expose windows RDP over ssh tunnel.
I have 3 hosts in my scenario
1- Host a : Windows 2k8 has no internet access just only an... (3 Replies)
Discussion started by: h@foorsa.biz
3 Replies
6. UNIX for Dummies Questions & Answers
I'm trying to setup a link between my home pc (work-machine) and a server at work (tar-machine) that is behind a gateway (hop-machine) and not directly accessible.
my actions:
work-machine$ ssh -L 1234:tar-machine:22 hop-machine
work-machine$ ssh -p 1234 user@127.0.0.1
- shh access on... (1 Reply)
Discussion started by: Vathau
1 Replies
7. IP Networking
I have a Java web app on machine (X) that needs to talk to an LDAP server (Y) on :636, but the LDAP server is only accessible on a particular network.
I can login to a machine (Z) on that network from X, and this machine can talk to the LDAP server on :636.
How can I tunnel so that X can... (2 Replies)
Discussion started by: spacegoose
2 Replies
8. UNIX for Advanced & Expert Users
Hi all
I have a suite of scripts that ssh to remote servers within a cluster and run some tests. This is done from a central server so that all of the test results can be captured in one location.
Problem is I now have 509 tests and the number is growing. The scripts work by establishing a... (2 Replies)
Discussion started by: steadyonabix
2 Replies
9. Solaris
Hello Solaris experts:
Trying to bring the 11.3 gdm screen over ssh to a Linux Box:
I did the following:
1. made chanes to /etc/ssh/sshd_config & bounced ssh daemon:
# X11 tunneling options
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
2. From the remote Linux box:
... (6 Replies)
Discussion started by: delphys
6 Replies
10. UNIX for Advanced & Expert Users
I am not clear with the part of concept of Tunneling using ssh.
ssh -f -N -L 1029 192.168.1.47:25 james@192.168.1.47
I found out that above code works for me . but didn't quite well understood how ti works and need to ask you guys some questions.
since we are using tunnel through ssh ... (2 Replies)
Discussion started by: lobsang
2 Replies
LEARN ABOUT DEBIAN
etherpuppet
ETHERPUPPET(1) BSD General Commands Manual ETHERPUPPET(1)
NAME
etherpuppet -- create a virtual interface from a remote Ethernet interface
SYNOPSIS
etherpuppet [-s port] [-c target:port] [-B] [-S] [-M filter] [-C] [-i iface]
etherpuppet [-m] [-s port] [-c target:port] [-I iface]
DESCRIPTION
etherpuppet is a small program that will create a virtual interface (TUN/TAP) on one machine from the ethernet interface of another machine
through a TCP connection. Everything seen by the real interface will be seen by the virtual one. Everything sent to the virtual interface
will be emitted by the real one.
It has been designed because one often has a small machine as his Internet gateway, and sometimes want to run some big applications that need
raw access to this interface, for sniffing (Ethereal, etc.) or for crafting packets that do not survive being reassembled, NATed, etc.
When launched with the first syntax, etherpuppet is a slave that will send to its master everything that passes on the given interface. With
the second syntax, etherpuppet is the master and will create the special TAP device (whose default name starts with puppet. In both modes,
etherpuppet is able to either connect or listen to its slave/master.
Traffic seen by the real interface is sent through the TCP connection to the doll interface. Thus, it is important that this connection is
not seen by the real interface (or else, we'll have a cute infinite traffic loop).
The options are as follows:
-s port
Listen on the given TCP port.
-c ip:port
Connect to the slave/master on the given IP/port.
-i iface
Vampirize the given interface name.
-I ifname
Choose the name of the virtual interface.
-m Master mode.
-B Do not use BPF. With this option, etherpuppet may see its own traffic.
-S Build BPF with the content of SSH_CONNECTION environment variable.
-M src:sp,dst:dp
Build manually a BPF filter that will exclude matching traffic in both directions.
-C Do not copy real interface parameters to virtual interface.
The source and destination are by default the TCP connection end points. If you go through SSH tunneling, you can use the -S option to use
SSH_CONNECTION environment variable content instead, so that you will filter out the SSH connection of your current session and not the con-
nection to the local SSH tunnel end point (which is pointless). If this still not fit your needs, you can manually specify the connection end
points with -M.
If you connect two Etherpuppet instances in master mode, you'll get a TCP tunnel through virtual interfaces.
If you connect two Etherpuppet instances in slave mode, you may get some kind of inefficient distributed bridge, but more probably, you'll
get a big mess.
AUTHORS
The etherpuppet program was written by Philippe Biondi <phil@secdev.org>.
This manual page was written by Vincent Bernat <bernat@debian.org>, for the Debian project (but may be used by others).
BSD
August 7, 2008 BSD