how to replicate putty ssh tunnel settings with pure command line commands? - linux

After a day of searching I am unable to replicate the feature with command line for ssh tunnel and reverse tunnel.
reverse ssh tunnel configuration
normal ssh tunnel configuration
with the UI settings above I am able to get it working with instruction on the web!
currently I am trying to do
device 1 connect to (ssh server) and passes its port 80 to port 9191 onto the server then the server relays the port 9191 to device #3.
(device #1 reverse tunnel port 9191 to server device #2) <--> (server device #2 receives port 80 and use it as port 9191 which will relay to device #3) <--> (device #3 with normal tunnel to get port 9191 from device #1 with device #2 being the middle man)
I am able to use the putty user interface to click to get it working, but I am unable to replicate a working situation with command line. ssh command line examples out there do not seem to work.
for example:
on reverse tunnel device
ssh -R 9191:localhost:80 root@localhost
on the normal tunnel device
ssh -L 9191:localhost:9191 root@localhost
please let me know if the question is lacking info or unclear
thanks!
To clarify my intent, I am trying to make a tunnel between (2 android devices) with a SSH server. I can't SSH directly into an android mobile device simply because of a firewall issue, so I have to use a standalone SSH server to act as a middleman to help relay the connection. However if there are any other better options please let me know as well, for example VPN or anything which may not use a lot of battery power on our mobile devices through 3g/wifi.
any other options would be fine but please consider 3g/wifi/firewall/battery consumption/data overhead concerns as well. I am not sure how does the major mobile app handle this, so any new ideas or methods are welcomed.
thanks in advance

As I understand from the comments, you're on Device 1 (Android A), trying to talk to Device 3 (Android B) via Device 2 (SSH host).
Try this on Android A:
ssh -L 9191:android_b:9191 root@ssh_host
On Android B:
ssh -L 9191:android_a:80 root@ssh_host
Or also from Android A:
ssh -R 9191:android_a:80 root@ssh_host
That should serve Android A's port 80 on Android B's port 9191, and that one on Android A's port 9191.

On Device A
ssh -R 9191:127.0.0.1:80 user@RemoteHost
On Device B
ssh -L 9191:127.0.0.1:9191 user@RemoteHost
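
The PuTTY tunnel entries the question wants to replicate map directly onto OpenSSH's -L, -R and -D flags. The script below is an added example, not code from the question or its answers; it assumes the entries are written in PuTTY's saved-session style (R9191=localhost:80), and user@ssh_host is a placeholder.

```shell
#!/bin/sh
# Added example: translate PuTTY tunnel entries into OpenSSH flags.
# Assumed input: a comma-separated list in PuTTY's saved-session style,
# e.g. R9191=localhost:80,L9191=localhost:9191,D1080 (L=local, R=remote, D=dynamic).

putty_to_ssh_flags() {
    flags=""
    old_ifs=$IFS
    IFS=,
    set -- $1                        # split the list on commas
    IFS=$old_ifs
    for entry in "$@"; do
        [ -n "$entry" ] || continue
        kind=${entry%"${entry#?}"}   # first character selects the tunnel type
        rest=${entry#?}
        case $kind in
            L|R)
                src=${rest%%=*}      # listening port (optionally bind_address:port)
                dst=${rest#*=}       # destination host:port
                if [ "$src" = "$rest" ] || [ -z "$src" ] || [ -z "$dst" ]; then
                    echo "bad forwarding entry: $entry" >&2
                    return 1
                fi
                flags="$flags -$kind $src:$dst" ;;
            D)
                [ -n "$rest" ] || { echo "bad forwarding entry: $entry" >&2; return 1; }
                flags="$flags -D $rest" ;;
            *)
                echo "bad forwarding entry: $entry" >&2
                return 1 ;;
        esac
    done
    printf '%s\n' "${flags# }"
}

# -N: tunnels only, no remote shell. ExitOnForwardFailure: exit instead of
# silently continuing when a forwarded port cannot be bound.
putty_to_ssh_cmd() {
    tunnel_flags=$(putty_to_ssh_flags "$1") || return 1
    printf 'ssh -N -o ExitOnForwardFailure=yes %s %s\n' "$tunnel_flags" "$2"
}

# The two devices from the question; user@ssh_host is a placeholder.
putty_to_ssh_cmd 'R9191=localhost:80' 'user@ssh_host'
putty_to_ssh_cmd 'L9191=localhost:9191' 'user@ssh_host'
```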

Related

SSH Tunnel to Ngrok and Initiate RDP

I am trying to access my Linux machine from anywhere in the world. I have tried originally port forwarding and then ssh'ing in; however, I believe my school's WiFi won't allow port forwarding (every time I ran it, it would tell me connection refused). I have setup an account with ngrok and I can remotely SSH in, but now I am wondering if it is possible to RDP. I tried connecting via the Microsoft Remote Desktop app on Mac, but it instantly crashes. I have also looked at trying to connect with localhost, but it's not working. So far, I have tried (with xxxx being the port):
ssh -L xxxx:localhost:xxxx 0.tcp.ngrok.io
and
ssh -L xxxx:localhost:xxxx <user>@0.tcp.ngrok.io
but my computer won't allow it and after about 2 or 3 times, it warns me of a possible DNS Spoofing. Is there any way that I can run a remote desktop of my linux machine that I have ssh tunneled to (from my mac) on ngrok? Thank you!

First you'll need to sign up with ngrok if you haven't already and you'll be given an authtoken. You'll need to install this by running
./ngrok authtoken <insert your token here>
This will save your token to a file located ../username/.ngrok/ngrok.yml
Then you'll need to ask ngrok to create a TCP tunnel from their servers to your local machine's Remote Desktop port which should be 3389 by default
ngrok tcp 3389
Give it 30 seconds or so then jump to http://localhost:4040/status to see what the tcp address ngrok has allocated you. It should look something like tcp://1.tcp.ngrok.io:158764
Now you should be able to remote into your machine using address 1.tcp.ngrok.io:158764

Cannot access Kaa Sandbox SSH

I wanted to ssh into Kaa's sandbox using ssh kaa@127.0.0.1 -p 2222 given in the virtual machine to us and also in one of the Data Collection demo where it said that we need to ssh into kaa's sandbox then we can see our mongoDB using our application token of our demo to see data saved into it.
But we do know the password is kaa123. But I tried 4 times, it shows permission denied, please try again until it shows permission denied (publickey,password).
Thus I would like to seek help. I haven't set up anything apart from downloading cmake, gcc. I changed the port on Raspberry pi to port 2222. Raspberry pi is connected to my computer using an Ethernet cable.
Raspberry pi static ip address : 169.254.220.68
Computer static ip address : 169.254.220.135
Kaa's sandbox ssh address is : ssh kaa@127.0.0.1 -p 222
Your answers are really very very important to us as we have been stuck for days for our mini Final Year Project.

As I understood, the situation is as follows:
Kaa Sandbox is running in VirtualBox image on host 169.254.220.135
Raspberry Pi has IP address 169.254.220.68
You are trying to get to Kaa Sandbox by ssh from Raspberry Pi
Kaa Sandbox shows in terminal that you can access its SSH via localhost (127.0.0.1) port 2222
If that is correct, the technical details are as follows:
You should be able (if you didn't change Kaa Sandbox configuration) to access the Kaa Sandbox from your VirtualBox host just as it is shown in the Kaa Sandbox terminal:
ssh kaa@localhost -p 2222
Please try this first. Should this fail you will not be able to pass the further checks below.
The Kaa Sandbox is shipped with NAT networking mode configuration. This means (among other things) that its internal IP address(es) (including 10.0.2.15) cannot be reached from outside. That is, you cannot connect to this address from Raspberry Pi and even from your VirtualBox host. NAT hides them under the VirtualBox host IP address.
To enable access to the Kaa Sandbox from outside we pre-configured the Kaa Sandbox VirtualBox image to forward several ports from your host IP address to the internal IP address (10.0.2.15) which is under NAT. The port forwarding configuration is as follows:
${HostIP}:2222 -> 10.0.2.15:22
This means that all the connections to ${HostIP}:2222 will be forwarded to the Kaa Sandbox's 10.0.2.15:22.
Thus:
You should be able to get Kaa Sandbox SSH locally by kaa@localhost -p 2222 and by host IP: kaa@169.254.220.135 -p 2222
You need to use your host IP from remote: kaa@169.254.220.135 -p 2222
Please let me know if something is unclear here or does not work for you.

127.0.0.1 always points to your own computer. If kaa's sandbox is in your Raspberry Pi, try ssh kaa@169.254.220.68 -p 2222

Listening port putty tunnel does not work

The goal is to connect to my home computer from outside. The ISP blocks all the ports (and demands $$$ for business package with static ip address), so simple port forwarding on home router does not work.
I have used putty to tunnel a listening port to a remote server: R2221:###.###.###.###:2221 (to make things simpler, the test server is a simple ftp server running on my home windows machine) (the entire ip address has to be specified -- with OpenSSH 1.0 running on the linux box wildcard address results in refusal of connection) (GatewayPorts are set to on).
Netstat -a confirms that port 2221 on the linux box is open and listening. However, whenever I try to connect to that port, it simply hangs. Command line ftp client says "connected to ###.###.###.###" and that's it. Running netstat again shows dozens of opened connections to port 2221, all coming from my windows box (I tried using browser as well as command line ftp client).
Which step am I missing?
Tried with RDP, VNC and FTP -- all of them hang, all of them connect when connecting through my home network (or my home router).
EDIT The setup is as follows:
PC 1 (windows) has FTP service running on port 2221. It uses PuTTY to tunnel a listening port to PC 2 (linux). PC 2 does show listening port when running netstat. Connecting to port 2221 on PC 2 either from PC 2 or from PC 3 results in hanging.
EDIT 2 Aaaand it worked. Using 127.0.0.1 instead of the remote machine's ip address was what corrected it. Thanks a lot.

Are you sure your -R command is correct? From what you say I suppose the command should be R2221:127.0.0.1:2221. The -R ssh option in form of port:host:hostport does the following: it opens port port on the remote side and forwards the connection to that port to local address host:hostport, and this connection is made from the local machine.
To make your local machine (the one that is running ssh client, e.g. PuTTY) connect to your local FTP server running on the same machine, use 127.0.0.1 as an address.
It also explains why you see a strange behaviour: when you actually connect to xxx.xxx.xxx.xxx:2221, it forwards the connection to the same address xxx.xxx.xxx.xxx:2221 and you get some kind of a loop.
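
The loop described in the answer above can be caught before the tunnel is opened. This lint is an added example, not part of the original answer; it assumes a port:host:hostport spec without IPv6 literals, and 203.0.113.10 is a constructed stand-in for the masked server address.

```shell
#!/bin/sh
# Added example: lint an "ssh -R" spec of the form [bind_address:]port:host:hostport.
# Assumption: no IPv6 literals, so the fields can be split on ':'.
# $1 = spec, $2 = address the client uses to reach the SSH server.
# Returns 0 = fine, 1 = destination is the tunnel's own listener, 2 = malformed.
check_remote_forward() {
    spec=$1
    server=$2
    case $spec in
        *:*:*) ;;
        *) echo "malformed: $spec"; return 2 ;;
    esac
    hostport=${spec##*:}     # last field: destination port
    rest=${spec%:*}
    host=${rest##*:}         # destination host, resolved on the client side
    rest=${rest%:*}
    port=${rest##*:}         # port opened on the SSH server
    for p in "$port" "$hostport"; do
        case $p in
            ''|*[!0-9]*) echo "malformed: $spec"; return 2 ;;
        esac
    done
    if [ -z "$host" ]; then echo "malformed: $spec"; return 2; fi
    # The client connects to host:hostport. If that is the server's own
    # forwarded port, each connection is forwarded straight back into the tunnel.
    if [ "$host" = "$server" ] && [ "$hostport" = "$port" ]; then
        echo "loop: $server:$port forwards back to $host:$hostport"
        return 1
    fi
    echo "ok: $server:$port -> $host:$hostport (connection made from the client)"
    return 0
}

# Constructed sample: 203.0.113.10 stands in for the masked server address.
check_remote_forward '2221:203.0.113.10:2221' 203.0.113.10 || true
check_remote_forward '2221:127.0.0.1:2221' 203.0.113.10
```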

how to connect 2 applications through a pseudo serial port with socat

I am developing an embedded application. It will be running on a full-fledged embedded linux, but will be controlled through commands arriving from the serial port from a windows host.
During the debug phase, this windows host is running in a virtual machine and the embedded application is run locally. As such I would like for these 2 to communicate normally as if a normal usb (to serial) cable was connected between them.
How do I go about it? I have heard of the notion of pseudo ports (/dev/ptyXX) but haven't found any C tutorial to go about it.
I basically expect something like a device node (or 2), so I can assign one node to virtualbox "serial port" settings and assign the other node to my linux application that is currently running on the linux host.
Thank you for your help
EDIT: it looks like socat might be the tool for the job, but I can't quite grab the way it works. I am trying the command:
socat -d -d PTY:link=/home/nass/acm0,raw,echo=0 UNIX-CONNECT:/home/nass/dm0
2013/07/18 17:53:56 socat[13271] N PTY is /dev/pts/10
2013/07/18 17:53:56 socat[13271] N opening connection to AF=1 "/home/nass/dm0"
2013/07/18 17:53:56 socat[13271] E connect(5, AF=1 "/home/nass/dm0", 16): Connection refused
2013/07/18 17:53:56 socat[13271] N exit(1)
Why is the connection refused?
If /home/nass/dm0 is missing, the virtual machine will fail to startup (both in host pipe and host device cases)
I pre-created the node /home/nass/dm0 as a file with touch /home/nass/dm0. How should I set up virtualbox? host device? host pipe?
Should dm0 even exist before powering up the virtual machine? If yes, should it be a file created with touch /home/nass/dm0? If it should be a socket, how do I pre-create it?

I realize this is an old question, but I was recently working with socat and virtual serial ports and this cropped up in a google search.
If you want socat to create the unix socket, then use UNIX-LISTEN instead of UNIX-CONNECT:
socat pty,link=/home/nass/acm0,raw,echo=0 unix-listen:/home/nass/dm0
Running the above produces a pty device with a symlink at $HOME/acm0:
$ ls -l ~/acm0
lrwxrwxrwx 1 lars lars 10 Jan 12 23:12 /home/lars/acm0 -> /dev/pts/8
And a Unix socket at $HOME/dm0:
$ ls -l ~/dm0
srwxr-xr-x 1 lars lars 0 Jan 12 23:12 /home/lars/dm0
If you connect to the unix socket and send data, it will be sent out the pty device (and vice-versa). This works, but it may not be what you want. If your Linux application expects to interact with a serial port, then instead of a unix socket you would want a second pty device:
socat pty,link=$HOME/vmside,raw,echo=0 pty,link=$HOME/hostside,raw,echo=0
This creates a pair of connected pty devices (one named vmside and one named hostside). You would connect the vmside pty to your virtual machine, and then you would connect your application (or other serial communication program, like picocom or cu or screen) to hostside.

Using Coda to access server SSH/sFTP

I have a VPS server and I lock down to only expose 3 ports 80, 443 and 22222 for ssh. So far I can connect to the server using Terminal (Mac) and Panic Transmit, but when I try to connect using Panic Coda the connection fails. What am I doing wrong?
I see Coda supports sFTP and I can connect on Coda to the SSH, but not to the sFTP.
Ideas? Workaround?
Thank you

As to what coda is actually doing, I can't say for sure.
Workaround could be to create an ssh tunnel and just use FTP, configure your FTP server or firewall to only allow loopback connections.
Establish tunnel using something like:
ssh -o'Port 22222' -f user@server -L 3000:127.0.0.1:21 -N
Then point FTP at localhost, port 3000.
HOWTO: SSH Tunneling Made Easy
