SSH local port forward can not access from outside [closed] - linux

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
After
server-a$ ssh -L 9000:imgur.com:80 user#example.com
I can only
server-a$ telnet 127.0.0.1 9000
from the server-a, can not access 9000 port of server-a from outside.
How can I access the server-a 9000 from outside, I don't have any iptables ?
PS: I meet this problem before, after I edit the sshd_config, this problem was fixed, but I don't remember what I changed.

Add -g to the command
ssh -g -L 9000:imgur.com:80 user#example.com
From ssh man:
-g Allows remote hosts to connect to local forwarded ports.
means ssh will listen on other IP then localhost enabling you to connect to the forwarded port from outside your system.
This is not on by default because it can be a security issue (random people connecting to the forwarded port arriving on the supposedly secured destination server)

Related

SSH connect to remote on local network [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 6 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I have 2 computers on linux (ubuntu like), both are on separated local networks (192.168.xxx.xxx).
I would like to connect through ssh to Linux2 from Linux1 but it doesn't have any public IP.
I have also a public server (srv.domain.com)
I suppose that both PC could connect to server and it would be able to forward commands ??
But I can't figure out how to do that. Is someone already did something similar and can explain it to me.
I have root access on all machines
Thanks a lot for your help !!!
The easiest way would be to make the firewall/router allow ssh connections between the hosts. But there is another way:
If your server can reach both clients, you can ssh onto the server and redirect a port to the ssh on the other machine:
ssh -L 1234:CLIENT2:22 -l USERNAME SERVERNAME
after logging into the the machine open another terminal window and enter:
ssh -l USERNAME -p 1234 localhost
USERNAME should be replaced with the username on the server/second
client.
CLIENT2 should be replaced by the ip or hostname of the
second client.
SERVERNAME should be replaces by the name of your
server.
You can also ssh onto the server and open another ssh session from there. But that would be to easy ;)
If your server cannot reach the clients you have to build the tunnel the other way round:
ssh -R 1234:22 -l USERNAME SERVERNAME
after logging into the the machine open a terminal window on the other machine and enter:
ssh -l USERNAME -p 1234 SERVERNAME
USERNAME should be replaced with the username on the server/second
client.
SERVERNAME should be replaces by the name of your
server.

Unable to telnet to localhost [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
While trying to telnet to localhost I get the below error
telnet localhost 32768
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
Trying ::1...
telnet: connect to address ::1: Network is unreachable
If you run
netstat -ln
it will probably reveal that your server listens to 0.0.0.0, which only allows IPv4 to connect. If the software listens to :: (IPv6 ANY) instead, it will allow both IPv4 and IPv6 to connect unless it tells the kernel otherwise with socksetopt() call (See man ipv6(7) IPV6_V6ONLY)

Explanation of ssh command with option -D [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I am studying ssh and I haven't understood the following command with option D
ssh -D 9999 username#remotehost.net
can someone explain what this command does exactly with an example and when it is useful?
This will forward all packets to remotehost.net from localhost:9999 (in your example). In a nutshell this is socks proxy.
From ssh man page:
Specifies a local “dynamic” application-level port forwarding. This works by allocating a socket to listen to port on
the local
side, optionally bound to the specified bind_address. Whenever a connection is made to this port, the connection is
forwarded over
the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. Currently
the SOCKS4 and SOCKS5 protocols are supported, and ssh will act as a SOCKS server. Only root can forward privileged ports.
Dynamic port forwardings can also be specified in the configuration file.

create a port forwarding through ssh-tunnel in .ssh/config [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I am actually scratching my head about this one.
I found this excellent guide for for port-forwarding via multiple ssh-hops.
Folowing this guide I tried this:
This works:
$ ssh -t hop -L 9080:localhost:9080 \
> ssh -A -t user#192.168.1.100 -L 9080:localhost:9080
with .ssh/config
Host hop
User extUser
IdentityFile ~/.ssh/id_rsa.company.pub
Hostname company.com
ForwardAgent yes
Port 11000
This actually opens a port on my machine via hop to the 100 target machine's service at port 9080.
The hop server has access to 192.168.1.100:9080 (i.e. wget 192.168.1.100:9080 succeeds)
So according to the guide, this should work as well:
ssh -L 9080:192.168.1.100:9080 hop
But it does not. It opens the connection to the hop ssh point (-f -N) would prevent this) but the tunnel is not forwarded to the destination. What am I missing?
Of course finally it should be all in the .ssh/config:
Host tunneled-9080
User extUser
IdentityFile ~/.ssh/id_rsa.company.pub
Hostname company.com
ForwardAgent yes
Port 11000
LocalForward 9080 192.168.1.100:9080
so a simple
ssh -f -N tunneled-9080
is all I need.
What am I missing?
Just for the record, if someone comes to this question.
Everything above is correct and works. What tricked me, was my way too clever browser which converted sometime through the trying out localhost:9080 into www.localhost.com:9080 which of course failed horribly. dough
Stupid clever firefox
The first command (combined with the ssh config) is logging into hop as user extUser and from there logging into the 100 machine as user user.
While the second command tries to log into both machines as user extUser. This is probably why it fails - because user extUser does not have access setup on the 100 machine.

ssh: connect to host localhost port 2222: Connection refused [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I installed Virtual Box on my Linux OS, in the Virtual Box, I created another Linux OS, which has a user called "dvader", I want to SSH from my local Linux OS to the Linux OS on Virtual Box, I used the command below:
$ ssh -p 2222 dvader#localhost
But I always got the error:
ssh: connect to host localhost port 2222: Connection refused
Anyone knows how to solve this problem? Thank you in advance.
cuestion: ¿are you using NAT?... SSH listen p22 by default, if you want connection on p2222 edit the ssh_config placed in /etc/ of your VM Guest... find the line (assuming that you are in a *buntu OS family)
39 # Port 22
and change it to
39 Port 2222
and there you have it on p2222
BTW, your host could'nt see the guest by name "dvader#localhost", because "localhost" it's indeed your HOST & your GUEST maybe another IP, give more details about your VNetwork config...
Sorry for my english :)

Resources