10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hi friends,
I am trying to scp a file from server A to Server C via Server B (which is jump host)
from Server A to Server B i have one pem key. from server B to server C I have different Pem key..
what I tried
scp -r -o ProxyCommand="ssh -W %h:%p ec2-user@1.4.5.5 dmu.sh... (7 Replies)
Discussion started by: onenessboy
7 Replies
2. UNIX for Advanced & Expert Users
I am not clear with the part of concept of Tunneling using ssh.
ssh -f -N -L 1029 192.168.1.47:25 james@192.168.1.47
I found out that above code works for me . but didn't quite well understood how ti works and need to ask you guys some questions.
since we are using tunnel through ssh ... (2 Replies)
Discussion started by: lobsang
2 Replies
3. Solaris
Hello Solaris experts:
Trying to bring the 11.3 gdm screen over ssh to a Linux Box:
I did the following:
1. made chanes to /etc/ssh/sshd_config & bounced ssh daemon:
# X11 tunneling options
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
2. From the remote Linux box:
... (6 Replies)
Discussion started by: delphys
6 Replies
4. Shell Programming and Scripting
Hi
I need to write a script to ssh through several hops (e.g. HostA-HostB-HostC-HostD), where Host A does not have direct assess to HostC ; HostB cannot access HostD directly.
when I ssh 3 hops and run command with arg1, arg2 and redirect the output to a file, e.g.
HostA> ssh -t HostB ssh -t... (3 Replies)
Discussion started by: chiensh
3 Replies
5. IP Networking
I have a Java web app on machine (X) that needs to talk to an LDAP server (Y) on :636, but the LDAP server is only accessible on a particular network.
I can login to a machine (Z) on that network from X, and this machine can talk to the LDAP server on :636.
How can I tunnel so that X can... (2 Replies)
Discussion started by: spacegoose
2 Replies
6. UNIX for Dummies Questions & Answers
I'm trying to setup a link between my home pc (work-machine) and a server at work (tar-machine) that is behind a gateway (hop-machine) and not directly accessible.
my actions:
work-machine$ ssh -L 1234:tar-machine:22 hop-machine
work-machine$ ssh -p 1234 user@127.0.0.1
- shh access on... (1 Reply)
Discussion started by: Vathau
1 Replies
7. IP Networking
I have situation:
- localhost L
- server A
- server B (currently accessible only from B, but it have key of my localhost - added when L have different location and can access directly to B)
problem:
how set tunnel from L to B and use key from localhost (I don't remember password to B)?
I... (0 Replies)
Discussion started by: lessmore
0 Replies
8. Solaris
Hi SSHers,
I have embedded this below code in my shell script..
/usr/bin/ssh -t $USER@$SERVER1 /usr/bin/ssh $USER2@S$SERVER2 echo uptime:`/opt/OV/bin/snmpget -r 0 -t 60 $nodeName system.3.0 | cut -d: -f3-5`
SSH to both these servers are public-key authenticated, so things run... (13 Replies)
Discussion started by: LinuxUser2008
13 Replies
9. Shell Programming and Scripting
Hi,
I have got a shell script, which fails to run properly..
I am getting the following error:
"Pseudo-terminal will not be allocated because stdin is not a terminal.
Permission denied (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive)."
I SSH to the machine and then run the... (1 Reply)
Discussion started by: LinuxUser2008
1 Replies
10. IP Networking
Does any one know how to block HTTP Tunnel in squid proxy server.
Pls reply (1 Reply)
Discussion started by: vishwanathhcl
1 Replies
CONNECT-TUNNEL(1p) User Contributed Perl Documentation CONNECT-TUNNEL(1p)
NAME
connect-tunnel - Create CONNECT tunnels through HTTP proxies
SYNOPSIS
connect-tunnel [ -Lv ] [ -A user:pass ] [ -P proxy:port ]
[ -C controlport ] [ -T port:host:hostport ]
DESCRIPTION
connect-tunnel sets up tunneled connections to external hosts by redirecting connections to local ports towards thoses hosts/ports through
a HTTP proxy.
connect-tunnel makes use of the HTTP "CONNECT" method to ask the proxy to create a tunnel to an outside server. Be aware that some proxies
are set up to deny outside tunnels (either to ports other than 443 or outside a specified set of outside hosts).
OPTIONS
The program follows the usual GNU command line syntax, with long options starting with two dashes.
-A, --proxy-authentication user:password
Proxy authentication information.
Please note that all the authentication schemes supported by "LWP::UserAgent" are supported (we use an "LWP::UserAgent" internally to
contact the proxy).
-C, --control-port controlport
The port to which one can connect to issue control commands to connect-tunnel.
See "CONTROL CONNECTIONS" for more details about the available commands.
-L, --local-only
Create the tunnels so that they will only listen on "localhost". Thus, only connections originating from the machine that runs
connect-tunnel will be accepted.
That was the default behaviour in connect-tunnel version 0.02.
-P, --proxy proxy[:port]
The proxy is required to connect the tunnels. If no port is given, 8080 is used by default.
See also "ENVIRONMENT VARIABLES".
-T, --tunnel port:host:hostport
Specifies that the given port on the local host is to be forwarded to the given host and hostport on the remote side. This works by
allocating a socket to listen to port on the local side, and whenever a connection is made to this port, connect-tunnel forwards it to
the proxy (with the credentials, if required), which in turn forwards it to the final destination.
Note that this does not imply the use of any cryptographic system (SSL or any other). This is a simple TCP redirection. The security if
any, is the one provided by the protocol used to connect to the destination through connect-tunnel.
On Unix systems, only root can forward privileged ports.
Note that you can setup tunnels to multiple destinations, by using the --tunnel option several times.
-U, --user-agent string
Specify User-Agent value to send in HTTP requests. The default is to send "connect-tunnel/version".
-v, --verbose
Verbose output.
This option can be used several times for more verbose output.
EXAMPLES
To connect to a SSH server running on "ssh.example.com", on port 443, through the proxy "proxy.company.com", running on port 8080, use the
following command:
connect-tunnel -P proxy.company.com:8080 -T 22:ssh.example.com:443
And now point your favorite ssh client to the machine running connect-tunnel.
You can also emulate a "standard" user-agent:
connect-tunnel -U "Mozilla/4.03 [en] (X11; I; Linux 2.1.89 i586)"
-P proxy.company.com:8080 -T 22:ssh.example.com:443
connect-tunnel can easily use your proxy credentials to connect outside:
connect-tunnel -U "Mozilla/4.03 [en] (X11; I; Linux 2.1.89 i586)"
-P proxy.company.com:8080 -T 22:ssh.example.com:443
-A book:s3kr3t
But if you don't want anybody else to connect to your tunnels and through the proxy with your credentials, use the --local-only option:
connect-tunnel -U "Mozilla/4.03 [en] (X11; I; Linux 2.1.89 i586)"
-P proxy.company.com:8080 -T 22:ssh.example.com:443
-A book:s3kr3t -L
If you have several destinations, there is no need to run several instances of connect-tunnel:
connect-tunnel -U "Mozilla/4.03 [en] (X11; I; Linux 2.1.89 i586)"
-P proxy.company.com:8080 -A book:s3kr3t -L
-T 22:ssh.example.com:443
-T 222:ssh2.example.com:443
But naturally, you will need to correctly set up the ports in your clients.
Mmm, such a long command line would perfectly fit in an alias or a .BAT file. ";-)"
ENVIRONMENT VARIABLES
The environment variable "HTTP_PROXY" can be used to provide a proxy definition.
The environment variable is overriden by the --proxy option, if passed to connect-tunnel.
AUTHOR
Philippe "BooK" Bruhat, "<book@cpan.org>".
I seem to have re-invented a well-known wheel with that script, but at least, I hope I have added a few interesting options to it.
SCRIPT HISTORY
The first version of the script was a quick hack that let me go through a corporate proxy.
Version 0.02 and version 0.03 were released on CPAN in 2003.
Version 0.04 sits half-finished in a CVS repository at home: I couldn't decypher the spaghetti of my data structures any more. ":-("
Version 0.05 (and higher) are based on "Net::Proxy", and included with the "Net::Proxy" distribution.
Even though it's not rocket science, connect-tunnel has been cited in at least one academic works:
o HTTP Tunnels Through Proxies, Daniel Alman
Available at SANS InfoSec Reading Room: Covert Channels <http://www.sans.org/rr/whitepapers/covert/>
Direct link: <http://www.sans.org/rr/whitepapers/covert/1202.php>
COPYRIGHT
Copyright 2003-2007, Philippe Bruhat. All rights reserved.
LICENSE
This module is free software; you can redistribute it or modify it under the same terms as Perl itself.
perl v5.10.1 2009-10-18 CONNECT-TUNNEL(1p)