I have installed GitLab server on a virtual machine (VMWare). GitLab IP address is 192.168.1.4 . I can see GitLab from browser. I generated ssh-key and added to GitLab server.
When I run ssh -T git#192.168.1.4 I got this error:
ssh: connect to host 192.168.1.4 port 22: Connection refused
Not only you need to run SSHD in your GitLab server (type netstat -l -t -n to check that it listens on port 22, as in here).
But you also need to check for:
firewall rules
port mapping (in your VMWare configuration)
Related
Installed ElasticSearch on a linux VM in Azure, put in on a Vnet with a public IP and a security group with ports 9200 and ssh 22 open.
I can ssh into the VM. On the VM itself, I can reach port 9200.
But on my PC, when I try to hit the {public IP}:9200, I get a 502 bad gateway? Anyone know why?
Ok, needed to set the following line in the /etc/elasticsearch/elasticsearch.yml file;
BEFORE
#
#network.host: 192.168.0.1
#
AFTER
#
network.host: [_local_, _site_]
#
I am doing a port forwarding to connect my local machine to Spinnaker.
Step1: -> Localhost to AWS instance
ssh -A -L 9000:localhost:9000 -L 8084:localhost:8084 -L 8087:localhost:8087 ec2-user#<aws-instance-ip>
Step2: -> Aws instance to Spinnaker cluster
ssh -L 9000:localhost:9000 -L 8084:localhost:8084 -L 8087:localhost:8087 ubuntu#10.100.10.5
This works fine when i do http://localhost:9000
However, instead of port forwarding from local machine I want to setup a tunnel from another aws instance (Eg: 55.55.55.55) and access via http://55.55.55.55:9000 . So that other team members can i directly access Spinnaker UI.
I have tried following the above steps from 55.55.55.55 host and then tried
http://55.55.55.55:9000 however it didnt work.
What should i change to make it resolve on 55.55.55.55 host?
Port forwarding is bound to the IP you give to ssh. If you give localhost (default), it will be accessible only on localhost (127.0.0.1). If you want to access it from outside, you need to give the 55.55.55.55 address instead.
You will also need a -g switch to ssh, which will allow remote hosts to connect to your locally forwarded ports.
Using Docker 1.12.1, I face a strange behaviour trying to access a host port created with ssh -R.
Basically I try to access a service running on port 12345 on my local machine from a docker container running on a server.
I opened a ssh connection with ssh -R *:12345:localhost:12345 user#server to open a port 12345 on server that forwards to port 12345 on my local machine.
Now when I try curl https://172.17.42.1:12345 inside the container (172.17.42.1 is the IP to access the docker host from the docker container) I get :
root#f6873fe1109b:/# curl https://172.17.42.1:12345
curl: (7) Failed to connect to 172.17.42.1 port 12345: Connection refused
But on server the command curl http://localhost:12345 succeeds (eg. no Connection refused)
server$ curl http://localhost:12345
curl: (52) Empty reply from server
I don't really understand how the port binding done with ssh differs from a test with nc on server (it works) :
# on server
nc -l -p 12345
# inside a container
root#f6873fe1109b:/# curl http://172.17.42.1:12345
curl: (52) Empty reply from server
NB: the container was started with docker run -it --rm maven:3-jdk-8 bash.
What can I do to allow my container to access the host port corresponding to a ssh binding ?
From man ssh:
-R [...]
... Specifying a remote bind_address will only succeed if the server's GatewayPorts option is enabled
And man sshd_config:
GatewayPorts
Specifies whether remote hosts are allowed to connect to ports forwarded for the client. By default, sshd(8) binds remote port forwardings to the loopback address. This prevents other remote hosts from connecting to forwarded ports. GatewayPorts can be used to specify that sshd should allow remote port forwardings to bind to non-loopback addresses, thus allowing other hosts to connect. The argument may be “no” to force remote port forwardings to be available to the local host only, “yes” to force remote port forwardings to bind to the wildcard address, or “clientspecified” to allow the client to select the address to which the forwarding is bound. The default is “no”.
This means that a default sshd server installation only allows to create forwards that bind to the local interface. If you want to allow forwards to other interfaces then loopback, you need to set the GatewayPorts option to yes or clientspecified in your /etc/ssh/sshd_config
I am new to SDN and was trying to learn Mininet. I have installed debian(64-bit) and Mininet on Virtual Box. When I try to connect Mininet Vm from Debian I have to run the following comamnd :
ssh -X mininet#10.0.2.15
It asks for mininet password, but after entering the default mininet password it shows an error
Permission denied please try again
Both my debian and Mininet VM have same IP address. Kindly guide how to eliminate the SSHerror. Also is it fine having same ip address for two different VM, is the SSH error a result of this ?
Thanks
In the VirtualBox settings under the tab Network click on Advanced then Port Forwarding and add a rule with name: ssh, protocol: tcp, host port: 3022 and guest port: 22. Then execute:
sudo ssh -p 3022 mininet#10.0.2.15
I have been trying to monitor a remote server using Nagios-Nrpe.
The remote host is the Amazon Ec2 instance where I have installed npre daemon on xinetd.
I have added my nagios server IP to "only-from" property in /etc/xinet.d/nrpe file.
I have added the entry in /etc/services.
I have made changes in iptables also.
I have added an entry for TCP port 5666 in my security group too.
These commands work properly:
$ netstat -at | grep nrpe
$usr/local/nagios/libexec/check_nrpe -H localhost
I have setup the nagios server and nrpe_check plugin on my local machine.
But whenever I am doing:
/usr/local/nagios/libexec/check_nrpe -H <"amazon-ec2-IP-address">
I get the following error:
connect to address <"amazon-ec2-IP-address"> port 5666: Connection refused ......
connect to host <"amazon-ec2-IP-address"> port 5666: Connection refused
I have tried making the nrpe client on another linux on my LAN and the command worked, but not for Amazon Ec2.
If anyone has the solution for this issue, please do share ASAP.
Make sure you have,
Opened up port 5666 in the Security Group linked to the EC2-instance.