I messed up setting up a ufw firewall on Ubuntu and can no longer log in to my server [closed] - linux

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Alright, so I'm not great (or even good) with servers, but have recently been put in charge of the task of setting them up. I have an application sitting on a VPS, here are the specs that may matter for this question...
Ubuntu 10.04
Nginx
ufw
So I was setting up my first firewall and was using UFW. I accidentally only opened up ports 80 and 443 (I was confused about setting up an SSL cert (also a new task)) and got logged out of the server. My ssh is set to try port 22 and so when I try to ssh in, it won't let me, I get this error --
ssh: connect to host xxx.xxx.xxx.xxx port 22: Operation timed out
So I tried to ssh in on one of the open ports by running this command --
ssh deployer@xxx.xxx.xxx.xxx -p443
and received this error --
ssh: connect to host xxx.xxx.xxx.xxx port 443: Connection refused
The same thing happened for trying port 80.
What do I do? I already have a live and very active application on this server. I need to be able to login and reopen port 22 for ssh or switch ssh over to another port.
Side note: sftp did not work either.

Most (if not all) VPS providers have a shell integrated in the control panel of the customer, so even if you have the sshd off you can still run commands on the server.
If not you can still also contact the hosting company and they can run commands on any of the virtual devices they are hosting.

Because your ssh server is running only on port 22 you will not be able to connect to it through port 80 (usually used for http) or port 443 (usually used for https). So there is nothing you can do from remote :(

If somehow you could upload and execute a file in your application, then getting a shell on the server is only a matter of uploading a reverse shell. Some web applications allow the admins (I suppose you're an admin of the web application) to upload these kinds of files (.php, .perl, etc.). Maybe that is the case with your application. If you can't upload a file, then you probably are screwed.
Note that this isn't a good security practice. The application shouldn't allow you to upload and execute code, because if somehow an admin account is compromised, then the whole server may be compromised.
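The lockout in the question above comes from enabling ufw with a rule set that omits the port sshd listens on. As an added example (not part of the original posts), this preflight refuses to enable the firewall in that case. The plan-file format (one ufw argument line per row), the function names and the sample files are assumptions made for the illustration, and only simple allow/limit PORT[/tcp] rules are recognised.

```shell
#!/bin/sh
# Added example: only enable ufw if the plan keeps every sshd port open.

# Print the ports from an sshd_config-style file (sshd defaults to 22).
sshd_ports() {
    ports=$(awk 'tolower($1) == "port" { print $2 }' "$1")
    if [ -n "$ports" ]; then echo "$ports"; else echo 22; fi
}

# Succeed if the plan file $2 has an allow/limit rule for TCP port $1.
# "ssh" and "OpenSSH" (service name / app profile) count as port 22.
rule_allows() {
    awk -v p="$1" '
        $1 != "allow" && $1 != "limit" { next }
        $2 == p || $2 == (p "/tcp") { ok = 1 }
        p == "22" && ($2 == "ssh" || $2 == "OpenSSH") { ok = 1 }
        END { exit(ok ? 0 : 1) }' "$2"
}

# Fail, naming the ports, if the plan would close any sshd port.
preflight() {
    missing=""
    for p in $(sshd_ports "$1"); do
        rule_allows "$p" "$2" || missing="$missing $p"
    done
    [ -z "$missing" ] && return 0
    echo "refusing: plan blocks sshd port(s):$missing"
    return 1
}

# Dry run by default: print the ufw commands; execute only when APPLY=1.
apply_plan() {
    preflight "$1" "$2" || return 1
    run=echo
    if [ "${APPLY:-0}" = 1 ]; then run=""; fi
    while read -r line; do $run ufw $line; done < "$2"
    $run ufw --force enable
}

# Constructed sample: a stock sshd_config (Port line commented out) and the
# question's plan, which opens only 80 and 443. This prints the refusal.
d=$(mktemp -d)
printf '#Port 22\nPermitRootLogin no\n' > "$d/sshd_config"
printf 'allow 80/tcp\nallow 443/tcp\n' > "$d/plan"
apply_plan "$d/sshd_config" "$d/plan" || true
rm -rf "$d"
```

On a live host, feed it the output of sshd -T rather than the raw file so that defaults and included files are resolved; its lowercase port lines match the same pattern.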

Related

How to implement setting up ssh tunneling to port... here? [closed]

Closed 6 years ago.
I am doing my hw on this page: https://www.isi.deterlab.net/file.php?file=/share/shared/Softwareexploitsexercise/index.html#dassign
In the second task, I don't really know how to do the following:
If you have set up ssh tunneling to port 80 via local port 8118 (a
good idea), the memo application can be accessed at
http://localhost:8118/cgi-bin/memo.cgi
How do I set up ssh tunneling to port 80 via local port 8118? Is there a certain command for the terminal? Could you tell me how to do it? The whole operation should be done in the shell because it is on a certain platform.
This ssh feature is called port forwarding.
Local port forwarding listens to the port on local machine and forwards it via the connection to specified destination:
ssh -L 8118:localhost:80 ssh-server
In the example it forwards the port from client machine to localhost of the remote server but you can specify any destination you want. I assume the http server runs on that server.
Remote forwarding does the opposite, i.e. listens on port on remote server and forwards via ssh to specified destination:
ssh -R 8118:localhost:80 ssh-server
Again, it doesn't have to be localhost. It can forward the port 8118 on ssh-server to any destination accessible from the client machine.
Both forwardings are useful when the service is not directly accessible from the remote destination, either because of firewall, visibility or simply the service running on localhost only.

Can't access localhost in LAMP [closed]

Closed 7 years ago.
First of all, I'm a beginner at this, so don't be too harsh.
Yesterday, I wanted to make a Linux server. Installed LAMP, PhpMyAdmin. Made the website's IP static. I installed moodle on my website server. Then I closed VirtualBox and went to sleep.
Today when I ran my server and tried to access /phpmyadmin or (ipaddress)/moodle it says that the webpage isn't available. Does this mean I have to do everything from scratch again?
I'd appreciate any help.
I tried command sudo service apache2 start , but nothing changes.
Run this command in Terminal:
sudo service apache2 restart
OR
sudo restart apache2
Try the Answer on this Post
There are a lot of basic troubleshooting steps to take here.
You mentioned "localhost" in your question, but this doesn't sound like the local host; if you're connecting to your guest machine from the host machine then both machines will treat it as a networking connection (because it is networking). How that networking is configured will depend on your VirtualBox configuration.
Are you sure the virtual machine is running, the IP address is assigned, and networking is, well, working? Try pinging the virtual/guest machine from the host machine. After pausing and resuming, one of my Debian machines used to always pick up a DHCP address on the host-networking adapter despite being set to a static address in /etc/network/interfaces. Look at ifconfig to verify the IP address listed is what you expect.
Are you sure Apache is running? Try accessing it from within the guest machine on http://localhost -- by telnet to port 80, command-line tool, or full-on web browser.
Are other services working? Try to connect remotely to whatever you have running: SSH, FTP, IMAP, MySQL, NTP -- try to connect and see if the problem is the network or the service.

Using WinSCP to grab a file through a tunnel [closed]

Closed 6 years ago.
There's a file on a node I'm trying to grab with WinSCP. Normally to access the file through my Linux VM I use the commands
ssh -p 2200 -L 2020:py-01:22 foo@university.edu
and that builds a tunnel to where I want to go. Then I open a second terminal and say:
ssh -p 2020 foo@localhost
Which connects me to that tunnel and I can see the file I want to get at. So I'm trying to use WinSCP to do a similar process so I can see the file and then make my own copy of it, but I'm falling short. Can someone help me plug the above commands into WinSCP?
If you need to connect through a tunnel for an SSH terminal session, you need to connect through the tunnel with WinSCP for an SFTP session too, as the SFTP uses the SSH underneath. There's no difference.
To set up a connection through a tunnel in WinSCP:
first set up a session as if you were connecting directly, i.e. py-01
click the Advanced button to open the Advanced Site Settings dialog
there go to the Connection > Tunnel page
check Connect through SSH tunnel
in the Host name specify a host to tunnel through, i.e. university.edu
in the User name specify an account for the tunnel host
Note that tunnel port is autoselected, so you do not specify it (2200) anywhere.
For details, see:
https://winscp.net/eng/docs/ui_login_tunnel
If you have an SSH tunnel setup already (using the first command from your question, if it is run on Windows using Cygwin), you can connect to the existing external tunnel with WinSCP:
the Host name localhost
the Port number 2200
You can also do it the other way around: Explicitly specify the Local tunnel port number in WinSCP, and reuse the WinSCP tunnel also for an SSH terminal client.
Generally, a tunnel is not required for WinSCP. You can connect to the remote Linux machine via standard ssh port 22.
However, if you still need the tunnel, there is a guide: http://winscp.net/eng/docs/ui_login_tunnel.

How to access my SSH linux server from outside my home network [closed]

Closed 9 years ago.
So I've been scouring the internet for days trying to figure this out and can't figure it out.
I know it's going to be an easy one.
So I recently took an old desktop and loaded ubuntu server 12.04 on it. My goal with this project is to create an area to host a few git repositories and maybe a simple webpage.
I've installed both the SSH and Apache2 packages and tried to configure them. Right now I can log in from my laptop using ssh greg@0.0.0.0.0 but only while I am on the same network. Once I leave the house I get a timeout error.
So 2 things I would like to get at right now.
How to configure the SSH to allow me to access the server from outside the network.
Get my host name on the server so logins will be greg@hostname instead of greg@0.0.0
(I've done sudo hostname and changed the etc/hostname file and no results)
Thanks guys.
The timeout external to your home network occurs because the IP you specified will be routed elsewhere on external networks.
As others have indicated, you need to configure port forwarding on your router (external interface) to the SSH server. You can either use the standard port (22) or any alternative port (something above 1024). For the webserver you will need to set the port forwarding from port 80 on the external interface to your server and maybe port 443 if you want to include SSL/TLS connections.
I also recommend using the SSH config file (~/.ssh/config) to make it easier when making either an internal or external connection. Add something like this:
Host serverext
    Hostname 1.2.3.4
    User greg
    Port 22

Host serverint
    Hostname 192.168.1.10
    User greg
    Port 22
Change the Hostname for the serverext config to the IP address of your Internet connection. If you use a non-standard port for the external SSH connections then change the port field for serverext to match that.
Change the Hostname for the serverint config to the internal IP address for that server on your network.
Once this is configured, in conjunction with the port forwarding you will be able to use "ssh serverint" to connect to your server when you're at home and "ssh serverext" to connect to it when you're somewhere else.
It is possible to include advanced configuration options through the SSH configuration file, such as port tunneling and websocket connections. In the past I've done things like that and redirecting SSH connections through SOCKS proxy servers. I've even had it run through Tor, but it is very slow.

Linux Apache web server : Unable to access from windows machine [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Closed 10 years ago.
I have installed Apache web server on Redhat Linux and am able to access the web server locally from Linux, either using http://localhost/ or http://ip.address/
But if I try the same from a Windows machine over the intranet, I am unable to access the web server. I am able to ping the Linux machine from Windows since both are on the intranet.
Please share any information on how to fix this.
Thanking you in advance.
Your http port (80) on linux might not be open for outside incoming request...
http://www.cyberciti.biz/faq/linux-iptables-firewall-open-port-80/
This sounds like a firewall issue. If your server is protected inside your intranet, you might try switching off the firewall on your linux box temporarily to see if that fixes it.
One way to test if server ports are accessible is to use telnet to connect to them:
$ telnet ip.or.name.of.host 80
Make sure Apache is using port 80 and then tell us what the output of "telnet <ip> 80" from the Windows machine is (you might have to install telnet through the control center first). If you don't get a connection, maybe it is blocked by a firewall? Or you have another program running on your Linux machine that is using port 80 (e.g. Skype), but then you wouldn't be able to open the webpage from Linux either.
