I have a bastion host where I have configured the ~/.ssh/config file as follows:
Host stage-bastion
ProxyCommand ssh -q stage-bastion nc -q0 <capped-ip> 22
Hostname <capped-ip>
User stage
IdentityFile /home/abc/Documents/key
Port 1984
ServerAliveInterval 15
ServerAliveCountMax 3
And I try to log in as follows:
ssh stage-bastion
and I get the error:
kex_exchange_identification: Connection closed by remote host
I even did a eval "$(ssh-agent -s)" but not luck.
Then I tried normally as below:
ssh -i /home/abc/Documents/key stage#<capped-ip>
Voila it worked and I was able to ssh.
Can someone help me why my ~/.ssh/config is not working and giving the above error?
Related
Is it possible to do ssh tunneling (SSH port forwarding) from azure bastion host?
Like we do normally from a jump box:
ssh -i path/to/private_key -L 127.0.0.1:FORWARD_PORT:VM_IP:APPLICATION_PORT user#jumphost.net
ssh -i path/to/private_key -L 127.0.0.1:8080:10.0.0.1:8080 user#jumphost.net
Do you really need port fowarding? Your use case can perfectly use TCP forwarding like so, with the following SSH config.
Host JumpHost1
Hostname jumphost1.net
User user_jh1
Host JumpHost2
Hostname jumphost2.net
User user_jh2
ProxyCommand ssh -W %h:%p JumpHost1
Host AppBox
Hostname appbox_behind_firewall.net
User app_user
ProxyCommand ssh -W %h:%p JumpHost2
Then you can easily do ssh AppBox without issue. You'll need to have your local public key authenticated to each jumphost and the appbox. Which you should be able to easily do with ssh-copy-id if you are doing this with OpenSSH
I can access my serve like this:
(from local)ssh -p5222 name#server1.com
(from server1)ssh name#server2.com
Then I can work on server2.
Now I find I need to mount the folder in server2 to my local machine so that I could use my IDE.
I tried this:
ssh -Nf name#server1.com -p5222 -L 2233:name#server2.com:2233
sshfs -p 2233 localname#localhost:~/ ./target-dir
But I got this error message:
channel 2: open failed: administratively prohibited: open failed read: Connection reset by peer
Why I met this trouble and how could I mount my remote file to my local machine please?
From the commands you run, it looks like the ssh server on server2.com is listening on the default port 22:
(from server1)ssh name#server2.com
If that's the case, then you need to forward the connection towards this port 22.
Instead of:
ssh -Nf name#server1.com -p5222 -L 2233:name#server2.com:2233
Do:
ssh -Nf name#server1.com -p5222 -L 2233:name#server2.com:22
Also, in your sshfs command, you need to provide the ssh user on server2.com, not your local user.
Intead of:
sshfs -p 2233 localname#localhost:~/ ./target-dir
Do:
sshfs -p 2233 name#localhost:~/ ./target-dir
I want to install hadoop cluster, the hostname of my computer is modified Master. I configure the ssh login without password, but I can only use ssh localhost successfully, when it comes to ssh Master, it shows ssh:connect to host master port 22: connection refused. I don't know why
/etc/host
127.0.0.1 localhost
113.*.*.2 Master
113.*.*.31 Slave1
cd ~/.ssh
rm ./id_rsa
ssh-keygen -t rsa
cat ./id_rsa.pub >> ./authorized_keys
ssh Master
Do this :
ssh-keygen -t rsa
ssh-copy-id -i ~/.ssh/id_rsa.pub root#master
ssh-copy-id -i ~/.ssh/id_rsa.pub root#slave1
chmod 0600 ~/.ssh/authorized_keys
I have 1 pc and 2 servers.
Each device has a user associated with it:
pc (10.0.0.10) -> pc_user
server1 (10.0.0.146) -> server1_user
server2 (192.168.0.3) -> server2_user
There is a firewall blocking everything from "pc" to "server2".
The goal is to acess "server2" from "pc" through a SSH tunnel to "server1".
How can I do it?
If using openssh:
TRIVIAL WAY
PC> ssh server1_user#server1
server1> ssh server2_user#server2
PROXY WAY
Get a netcat on server1, if you can't install one, you can try to statically compile one (check busybox), download one (find server1 and OS version and check it's repos). If you have python/perl, there are "script implementations" of the command.
On your ~/.ssh/config file add:
Host server1
HostName 10.0.0.146
User server1_user
Host server2
ProxyCommand ssh -C -q server1 /<server1_path_to>/nc 192.168.0.3 22
User server2_user
ssh server2 will prompt for both passwords, if you're not using key authentication.
Since OpenSSH 5.4 netcat is not required for proxying
Host server2
ProxyCommand ssh -W %h:%p server1
User server2_user
TUNNEL WAY
PC TTY1> ssh -L 2222:192.168.0.3:22 server1_user#server1
PC TTY2> ssh server2_user#localhost -p 2222
I am trying to translate this ssh command into my ssh_config. What is the equivalant of -L in the ssh_config? I thought it was localForward but from the restuls i am getting it does not look that way.
SSH command
sudo ssh -i ~/.ssh/mySSHkey -L 81:<IP1>:81 -L 9200:<IP1>:9200 user#myhost.domain.com
ssh_config entry
Host logstash
Hostname <IP1>
Port 81
# ForwardX11 yes
LocalForward 81 <IP1>:81
LocalForward 9200 <IP1>:9200
User username
IdentityFile ~/.ssh/mySSHkey
ServerAliveInterval 30
ServerAliveCountMax 120
# LogLevel DEBUG3
Host tunnel
HostName database.example.com
IdentityFile ~/.ssh/john.example.key
LocalForward 9906 127.0.0.1:3306
User john
Equivalent of:
ssh -f -N -L 9906:127.0.0.1:3306 john#database.example.com
With the new config in place you can run:
ssh -f -N tunnel
Source: http://nerderati.com/2011/03/17/simplify-your-life-with-an-ssh-config-file/