public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-user] SSH question
@ 2012-08-20  3:31 David Relson
  2012-08-20  3:48 ` Canek Peláez Valdés
  0 siblings, 1 reply; 6+ messages in thread
From: David Relson @ 2012-08-20  3:31 UTC (permalink / raw
  To: gentoo-user

G'day,

I've volunteered to do some data entry for my local bike club.  This
involves a java application (jar  file) and a tunnel to a mysql
server.  I have detailed PuTTY configuration instructions but haven't
yet succeeded in converting them to ssh options.

The configuration options include:

    Seconds between keepalives -- 120
    Don't start a shell or command
    Forwarded port:
        source port number - PORT
	Destionation: MACHINE.DOMAIN.COM
    Host - IP_Address
    Login - userid
    Password - pw

Using "ssh -N userid@IP_Address" gives me a password prompt and no
command prompt - both good.

How do I specify the forwarded port?

Thank you.

David


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-user] SSH question
  2012-08-20  3:31 [gentoo-user] SSH question David Relson
@ 2012-08-20  3:48 ` Canek Peláez Valdés
  2012-08-20  5:50   ` Mick
  0 siblings, 1 reply; 6+ messages in thread
From: Canek Peláez Valdés @ 2012-08-20  3:48 UTC (permalink / raw
  To: gentoo-user

On Sun, Aug 19, 2012 at 10:31 PM, David Relson <relson@osagesoftware.com> wrote:
> G'day,
>
> I've volunteered to do some data entry for my local bike club.  This
> involves a java application (jar  file) and a tunnel to a mysql
> server.  I have detailed PuTTY configuration instructions but haven't
> yet succeeded in converting them to ssh options.
>
> The configuration options include:
>
>     Seconds between keepalives -- 120
>     Don't start a shell or command
>     Forwarded port:
>         source port number - PORT
>         Destionation: MACHINE.DOMAIN.COM
>     Host - IP_Address
>     Login - userid
>     Password - pw
>
> Using "ssh -N userid@IP_Address" gives me a password prompt and no
> command prompt - both good.
>
> How do I specify the forwarded port?

If I understand correctly, with -L:

ssh -L XX:machine2:YY user@machine1

This command will connect you to the "machine1" host with user "user",
and any connection to the port XX to the machine you are running the
ssh command from, will redirect the connection to the "machine2" host
in the YY port.

Regards.
-- 
Canek Peláez Valdés
Posgrado en Ciencia e Ingeniería de la Computación
Universidad Nacional Autónoma de México


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-user] SSH question
  2012-08-20  3:48 ` Canek Peláez Valdés
@ 2012-08-20  5:50   ` Mick
  2012-08-20 11:35     ` David Relson
  0 siblings, 1 reply; 6+ messages in thread
From: Mick @ 2012-08-20  5:50 UTC (permalink / raw
  To: gentoo-user

[-- Attachment #1: Type: Text/Plain, Size: 1849 bytes --]

On Monday 20 Aug 2012 04:48:40 Canek Peláez Valdés wrote:
> On Sun, Aug 19, 2012 at 10:31 PM, David Relson <relson@osagesoftware.com> 
wrote:
> > G'day,
> > 
> > I've volunteered to do some data entry for my local bike club.  This
> > involves a java application (jar  file) and a tunnel to a mysql
> > server.  I have detailed PuTTY configuration instructions but haven't
> > yet succeeded in converting them to ssh options.
> > 
> > The configuration options include:
> >     Seconds between keepalives -- 120
> >     Don't start a shell or command
> >     
> >     Forwarded port:
> >         source port number - PORT
> >         Destionation: MACHINE.DOMAIN.COM
> >     
> >     Host - IP_Address
> >     Login - userid
> >     Password - pw
> > 
> > Using "ssh -N userid@IP_Address" gives me a password prompt and no
> > command prompt - both good.
> > 
> > How do I specify the forwarded port?
> 
> If I understand correctly, with -L:
> 
> ssh -L XX:machine2:YY user@machine1
> 
> This command will connect you to the "machine1" host with user "user",
> and any connection to the port XX to the machine you are running the
> ssh command from, will redirect the connection to the "machine2" host
> in the YY port.

If you want to forward a local port XX to a remote port YY then Canek's 
suggestion will do what you want, assuming that the correct remote application 
is listening on port YY.

When you have more than one application this can soon become tedious.  So, if 
you want to set up the remote machine as a SOCKS proxy so that any socks-ified 
applications on the local machine can connect to the remote SOCKS, then you 
can use:

  ssh -N -D XXXX user@machine1

For applications that do not have built in proxy capability you can use e.g. 
proxychains.

HTH.
-- 
Regards,
Mick

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-user] SSH question
  2012-08-20  5:50   ` Mick
@ 2012-08-20 11:35     ` David Relson
  2012-08-20 18:04       ` Mick
  0 siblings, 1 reply; 6+ messages in thread
From: David Relson @ 2012-08-20 11:35 UTC (permalink / raw
  To: gentoo-user

On Mon, 20 Aug 2012 06:50:29 +0100
Mick wrote:

> On Monday 20 Aug 2012 04:48:40 Canek Peláez Valdés wrote:
> > On Sun, Aug 19, 2012 at 10:31 PM, David Relson
> > <relson@osagesoftware.com> 
> wrote:
> > > G'day,
> > > 
> > > I've volunteered to do some data entry for my local bike club.
> > > This involves a java application (jar  file) and a tunnel to a
> > > mysql server.  I have detailed PuTTY configuration instructions
> > > but haven't yet succeeded in converting them to ssh options.
> > > 
> > > The configuration options include:
> > >     Seconds between keepalives -- 120
> > >     Don't start a shell or command
> > >     
> > >     Forwarded port:
> > >         source port number - PORT
> > >         Destionation: MACHINE.DOMAIN.COM
> > >     
> > >     Host - IP_Address
> > >     Login - userid
> > >     Password - pw
> > > 
> > > Using "ssh -N userid@IP_Address" gives me a password prompt and no
> > > command prompt - both good.
> > > 
> > > How do I specify the forwarded port?
> > 
> > If I understand correctly, with -L:
> > 
> > ssh -L XX:machine2:YY user@machine1
> > 
> > This command will connect you to the "machine1" host with user
> > "user", and any connection to the port XX to the machine you are
> > running the ssh command from, will redirect the connection to the
> > "machine2" host in the YY port.
> 
> If you want to forward a local port XX to a remote port YY then
> Canek's suggestion will do what you want, assuming that the correct
> remote application is listening on port YY.
> 
> When you have more than one application this can soon become
> tedious.  So, if you want to set up the remote machine as a SOCKS
> proxy so that any socks-ified applications on the local machine can
> connect to the remote SOCKS, then you can use:
> 
>   ssh -N -D XXXX user@machine1
> 
> For applications that do not have built in proxy capability you can
> use e.g. proxychains.
> 
> HTH.
> -- 
> Regards,
> Mick

H'lo Mick and Carnek,

The mention of XX and YY wasn't transparent, but a bit of
experimentation gave a good connection.  Using the terms in my original
post, I now have the following working command: 

   ssh -2 -N -L PORT:MACHINE.DOMAIN.COM:22 userid@IP_Address

Just need to add an appropriate TCPKeepAlive and all will be good.

Thank you both for your tips..

Regards,
David


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-user] SSH question
  2012-08-20 11:35     ` David Relson
@ 2012-08-20 18:04       ` Mick
  2012-08-23  0:02         ` David Relson
  0 siblings, 1 reply; 6+ messages in thread
From: Mick @ 2012-08-20 18:04 UTC (permalink / raw
  To: gentoo-user

[-- Attachment #1: Type: Text/Plain, Size: 3105 bytes --]

On Monday 20 Aug 2012 12:35:06 David Relson wrote:
> On Mon, 20 Aug 2012 06:50:29 +0100
> 
> Mick wrote:
> > On Monday 20 Aug 2012 04:48:40 Canek Peláez Valdés wrote:
> > > On Sun, Aug 19, 2012 at 10:31 PM, David Relson
> > > <relson@osagesoftware.com>
> > 
> > wrote:
> > > > G'day,
> > > > 
> > > > I've volunteered to do some data entry for my local bike club.
> > > > This involves a java application (jar  file) and a tunnel to a
> > > > mysql server.  I have detailed PuTTY configuration instructions
> > > > but haven't yet succeeded in converting them to ssh options.
> > > > 
> > > > The configuration options include:
> > > >     Seconds between keepalives -- 120
> > > >     Don't start a shell or command
> > > >     
> > > >     Forwarded port:
> > > >         source port number - PORT
> > > >         Destionation: MACHINE.DOMAIN.COM
> > > >     
> > > >     Host - IP_Address
> > > >     Login - userid
> > > >     Password - pw
> > > > 
> > > > Using "ssh -N userid@IP_Address" gives me a password prompt and no
> > > > command prompt - both good.
> > > > 
> > > > How do I specify the forwarded port?
> > > 
> > > If I understand correctly, with -L:
> > > 
> > > ssh -L XX:machine2:YY user@machine1
> > > 
> > > This command will connect you to the "machine1" host with user
> > > "user", and any connection to the port XX to the machine you are
> > > running the ssh command from, will redirect the connection to the
> > > "machine2" host in the YY port.
> > 
> > If you want to forward a local port XX to a remote port YY then
> > Canek's suggestion will do what you want, assuming that the correct
> > remote application is listening on port YY.
> > 
> > When you have more than one application this can soon become
> > tedious.  So, if you want to set up the remote machine as a SOCKS
> > proxy so that any socks-ified applications on the local machine can
> > 
> > connect to the remote SOCKS, then you can use:
> >   ssh -N -D XXXX user@machine1
> > 
> > For applications that do not have built in proxy capability you can
> > use e.g. proxychains.
> > 
> > HTH.
> 
> H'lo Mick and Carnek,
> 
> The mention of XX and YY wasn't transparent, but a bit of
> experimentation gave a good connection.  Using the terms in my original
> post, I now have the following working command:
> 
>    ssh -2 -N -L PORT:MACHINE.DOMAIN.COM:22 userid@IP_Address
> 
> Just need to add an appropriate TCPKeepAlive and all will be good.
> 
> Thank you both for your tips..

You're welcome.  BTW, port 22 in your example above does not *have* to be port 
22.  As a matter of fact if it isn't, it would avoid zillions of connection 
attempts by stupid botnets that could drive up your bandwidth consumption. It 
could also be the same port as the one you use at your local host. Whichever 
port you choose, you'll have to allow it through the firewall at the remote 
machine and of course whichever application is running at the remote host that 
you want to connect to, should be listening on said port.
-- 
Regards,
Mick

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-user] SSH question
  2012-08-20 18:04       ` Mick
@ 2012-08-23  0:02         ` David Relson
  0 siblings, 0 replies; 6+ messages in thread
From: David Relson @ 2012-08-23  0:02 UTC (permalink / raw
  To: gentoo-user

On Mon, 20 Aug 2012 19:04:38 +0100
Mick wrote:

...[snip]...

> You're welcome.  BTW, port 22 in your example above does not *have*
> to be port 22.  As a matter of fact if it isn't, it would avoid
> zillions of connection attempts by stupid botnets that could drive up
> your bandwidth consumption. It could also be the same port as the one
> you use at your local host. Whichever port you choose, you'll have to
> allow it through the firewall at the remote machine and of course
> whichever application is running at the remote host that you want to
> connect to, should be listening on said port. -- 
> Regards,
> Mick

The remote machine(s) were set up by someone else.

My firewall deals with port 22 by periodically checking for multiple
failed logins from the same IP address and then blocking that address.
The list gets long, but with the automatic handling, it's not a
problem :->


^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2012-08-23  0:06 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-08-20  3:31 [gentoo-user] SSH question David Relson
2012-08-20  3:48 ` Canek Peláez Valdés
2012-08-20  5:50   ` Mick
2012-08-20 11:35     ` David Relson
2012-08-20 18:04       ` Mick
2012-08-23  0:02         ` David Relson

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox