Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: WebSocket over SSH tunnel - is it possible?
Special Forums IP Networking Proxy Server WebSocket over SSH tunnel - is it possible? Post 302931658 by Vladislav on Wednesday 14th of January 2015 11:42:28 AM
Old 01-14-2015
Quote:
Originally Posted by Corona688
A rose by any other name is still a rose. I'd call it a VPN.
Well, to a certain extent it does indeed behave like a VPN, but it does not use any form of tunneling and does not create a virtual network interface, like other VPN applications do. Also it does not function on the Internet layer of the connection (like IPSec) and only relays specific TCP messages that are part of the TeamViewer API (so it provides no extended network interfacing capabilities whatsoever). You might argue that e.g. OpenVPN tunnels it's traffic over TCP / UDP connections as well, but in that case they are used to multiplex SSL tunnels.

I already began developing a relatively simple server application that will do something similar - instead of situating my WebSocket listener on the streaming server device, I will put it in a 'mid point', where both the streaming server and clients will be able to connect.

The Java code will then handle the messaging and video streaming through a basic set of API commands and hopefully I will get what I want.

This type of architecture also makes a lot more sense with regard to the original purpose of the WebSocket design.
 

10 More Discussions You Might Find Interesting

1. Programming

using a ssh tunnel with nx compression

hi everybody and thank you for this wondefrul forum this is my first thread posted here and i hope that i could find some help from your part (i am even sure) :D here is the situation: i am to develop an application of remote desktop access such as vnc, vpn and especially nx i want to develop... (0 Replies)
Discussion started by: bolboln01
0 Replies

2. UNIX for Advanced & Expert Users

ssh decipher a tunnel

Two question here, but it's only one on the protocol point of view. If two persons use the same key to connect to a SSH server is there a risk they can decipher the other tunnel. In other terms is that less safe than if they have two separate keys. Same question if two persons use the same user... (2 Replies)
Discussion started by: moi
2 Replies

3. UNIX for Advanced & Expert Users

Stopping SSH tunnel

I have initiated a tunnel for vncserver. now i want to stop it. is there any way except sleep option? (2 Replies)
Discussion started by: majid.merkava
2 Replies

4. IP Networking

ssh tunnel with 2 hops and key

I have situation: - localhost L - server A - server B (currently accessible only from B, but it have key of my localhost - added when L have different location and can access directly to B) problem: how set tunnel from L to B and use key from localhost (I don't remember password to B)? I... (0 Replies)
Discussion started by: lessmore
0 Replies

5. Cybersecurity

RDP over SSH Tunnel

Hi all, I'm trying have an alternative way of connecting into a Corporate network. Mostly in case the VPN down as I cannot also change the security policy. I want to expose windows RDP over ssh tunnel. I have 3 hosts in my scenario 1- Host a : Windows 2k8 has no internet access just only an... (3 Replies)
Discussion started by: h@foorsa.biz
3 Replies

6. UNIX for Dummies Questions & Answers

SSH tunnel working for ssh but not for sshfs

I'm trying to setup a link between my home pc (work-machine) and a server at work (tar-machine) that is behind a gateway (hop-machine) and not directly accessible. my actions: work-machine$ ssh -L 1234:tar-machine:22 hop-machine work-machine$ ssh -p 1234 user@127.0.0.1 - shh access on... (1 Reply)
Discussion started by: Vathau
1 Replies

7. IP Networking

Help with SSH tunnel?

I have a Java web app on machine (X) that needs to talk to an LDAP server (Y) on :636, but the LDAP server is only accessible on a particular network. I can login to a machine (Z) on that network from X, and this machine can talk to the LDAP server on :636. How can I tunnel so that X can... (2 Replies)
Discussion started by: spacegoose
2 Replies

8. UNIX for Advanced & Expert Users

Ssh tunnel question

Hi all I have a suite of scripts that ssh to remote servers within a cluster and run some tests. This is done from a central server so that all of the test results can be captured in one location. Problem is I now have 509 tests and the number is growing. The scripts work by establishing a... (2 Replies)
Discussion started by: steadyonabix
2 Replies

9. Solaris

Tunnel X over ssh for 11.3

Hello Solaris experts: Trying to bring the 11.3 gdm screen over ssh to a Linux Box: I did the following: 1. made chanes to /etc/ssh/sshd_config & bounced ssh daemon: # X11 tunneling options X11Forwarding yes X11DisplayOffset 10 X11UseLocalhost yes 2. From the remote Linux box: ... (6 Replies)
Discussion started by: delphys
6 Replies

10. UNIX for Advanced & Expert Users

Tunnel using SSH

I am not clear with the part of concept of Tunneling using ssh. ssh -f -N -L 1029 192.168.1.47:25 james@192.168.1.47 I found out that above code works for me . but didn't quite well understood how ti works and need to ask you guys some questions. since we are using tunnel through ssh ... (2 Replies)
Discussion started by: lobsang
2 Replies

LEARN ABOUT DEBIAN

miredo.conf

MIREDO.CONF(5)						      System Manager's Manual						    MIREDO.CONF(5)

NAME

       miredo.conf - configuration for Miredo

SYNOPSIS

       miredo.conf

DESCRIPTON

       miredo.conf    is the configuration file for Miredo.  Each configuration directive consists of one directive name, possibly followed by one
       or several spaces and a value for the directive.  White spaces, empty lines and lines starting with '#' are ignored.

       Directives are case-insensitive. A comprehensive list of the supported directives follows:

MODES

       RelayType (client|autoclient|relay|cone|restricted)
	      Specifies what type of Teredo relay/client Miredo will serve as.	There are three possible choices:

       client mode (the default)
	      In client mode, Miredo acts as a Teredo client. Miredo will first authenticate with a Teredo server (see ServerAddress), and if suc-
	      cessful, will setup a Teredo tunneling interface with a public Teredo IPv6 address and a default IPv6 route. That virtual networking
	      interface can be used to reach the IPv6 Internet as well as Teredo clients.

	      The use of Miredo as a Teredo client allows nodes to get an IPv6 connectivity from behind a NAT router device, as  it  tunnels  IPv6
	      packets  over UDP/IPv4 with special support for NAT routers. Routers of that kind usually only forward TCP, UDP, and some ICMP, IPv4
	      packets (with some limitation).

	      NOTE: Use of Miredo as a Teredo client is possible even if the system already has IPv6 connectivity  through  another  way  (native,
	      6to4,  TSP,  etc).  In  that  case, Miredo will only be used to reach other Teredo clients, as its tunneling interface has a default
	      route with a higher metric (which is to say a lower priority) than the other network interfaces.

       autoclient is currently an alias for client mode.

       cone mode (relay also works)
	      In cone mode, Miredo acts as a Teredo relay. It will assume that it has public global IPv4 connectivity with no firewall.  In  other
	      words,  the UDP port used by Miredo must receive unsoliticited traffic from the IPv4 Internet (see also BindPort).  Miredo will cre-
	      ate a virtual networking interface with a route toward Teredo clients.

	      Teredo relays forward IPv6 packets between Teredo clients and the IPv6 Internet. For that to work, Teredo relays MUST have a working
	      IPv6 connectivity through a way distinct from Teredo tunneling (native, 6to4, ISATAP, etc).

	      Warning:	This mode should only be used if the node has a public IPv4 address, or if it is behind a full cone NAT-router with proper
	      port forwarding rules.  Otherwise the tunnel will NOT WORK PROPERLY.  Note that many NAT port forwarding implementations are broken.

       restricted mode
	      This mode is identical to the cone mode documented above, with the exception that direct Teredo bubbles will be sent.  Theoretically
	      (see  RFC4380)  this  permits  operation of a Teredo relay from behind a restricted-port NAT.  In practice, this makes NAT traversal
	      extremely unreliable.  This setting is present for backward syntax compatibility of the miredo.conf file. PLEASE	DO  NOT  USE  THIS
	      MODE.

CLIENT OPTIONS

       The following directives are only available in (auto)client mode.

       ServerAddress hostname
	      The  ServerAddress  directive  specifies the hostname or numerical IPv4 address of the Teredo server to use.  Teredo clients needs a
	      Teredo server to establish and maintain their IPv6 over UDP/IPv4 tunnel across a NAT device.

	      This directive MUST be specified when Miredo is in client mode. hostname must resolve to a valid IPv4 address. If it is not present,
	      and no server hostname is specified on the command line when starting miredo either, the program will fail.

       ServerAddress2 hostname2
	      Miredo  assumes  that  the secondary Teredo server address equals the primary server address plus one. If that is not the case, this
	      directive must be used.

RELAY OPTIONS

       The following directives are only available in relay mode.  They are not available in (auto)client mode.

       Prefix teredo_prefix
	      This directive specifies the Teredo prefix which the Teredo relay and/or server will advertise.  teredo_prefix must be a valid  IPv6
	      prefix.

	      The default value is 2001:0000::.

	      Do  not  use that directive if you don't know what you are doing, as it is more than likely to break your Teredo connectivity.  That
	      option must not be used when Miredo serves as a Teredo client.

       InterfaceMTU mtu
	      This directive overrides the default MTU size of 1280 bytes for the Teredo tunneling interface. It should not be used if the default
	      Teredo prefix is used.

GENERAL OPTIONS

       InterfaceName ifname
	      Specify the name of the Teredo tunneling interface which Miredo will create ("miredo" by default). On some systems, it is not possi-
	      ble to redefine the tunnel name.

       BindAddress bind_address
	      Bind the Teredo relay or Teredo client to a specific IPv4 address.  By default, it is not bound to any particular IPv4 address.

	      Use this option if you have trouble with the default value, such as if you have a multi-homed host with equal-cost IPv4 routing,	or
	      if you have specific firewalling constraints.

       BindPort udp_port
	      Define  the  UDP	(IPv4)	port  number to be used by the relay or client.  By default, the operating system allocates an unused port
	      automatically.

	      Use this option if you have firewalling constraints which can cause Miredo to fail when not using a fixed predefined port.

       SyslogFacility facility
	      Specify which syslog's facility is to be used by Miredo for logging.  Possible values are: daemon (the default), local0, ... local7,
	      kern and user (see syslog(2)).

SEE ALSO

       miredo(8)

AUTHOR

       Remi Denis-Courmont <remi at remlab dot net>

       http://www.remlab.net/miredo/

miredo								    August 2007 						    MIREDO.CONF(5)
All times are GMT -4. The time now is 08:24 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy