4/30/2023 0 Comments Reverse ssh tunnel manager![]() ![]() I have a monitoring web-app on a work server that I want to check from home, but it's intentionally firewalled beyond that work LAN We could use the above, but to get a HTTP connection through with that method requires multiple steps, so is more awkward and fragile Note that on the work side, that's still an private network - unroutable beyond that subnetĬonsidering direction of SSH connection and/or tunnel And have an internet-exposed linux server at work, on the same (V)LAN as that windows server (if you don't, see the next section)ĭifferent to the last mostly in that I now tell that connection to go to another host (private IP) rather than to itself I sometimes want to remote-desktop to an internal Windows server at work. The database server can stay tightly firewalled - it doesn't need to listen to its LAN interfaces at all for this to work My laptop's doesn't need to be trusted by the server (the database never even sees its IP) So now, when something (like pgadmin or dBeaver) connects to my laptop's port 5432, it actually gets sent to what on the the SSH server's networking side is localhost:5432Īs far as the dbserver is concerned, it's seeing a connection from its localhost. Say I have a database-exploring GUI on my laptop (pgadmin, dbeaver, etc.), and a database server in the corner of my room that has SSH open but is otherwise firewalled on that laptop I might do (e.g. here's some introduction via real uses I've had for it: Why that is useful is not immediately obvious, so. and from that other side there will be a new, non-secured (!) TCP connection, to the a host and port you also specified. It will be carried through that existing SSH connection to the other side. when a regular TCP connection is made to that listening port.R is "once the SSH connection is established, listen at remote/server side" L is "once the SSH connection is established, listen from the connecting client's side" you make one side listen to a specified port (you choose which side, and which port).SSH tunnels mean that, aside from the SSH connection you're establishing always, 2.1.2 PuTTY X11 proxy: wrong authorisation protocol attempted.2.1.1 X11 forwarding request failed on channel 0.1.4.5 remote port forwarding failed for listen port.1.4.3 Pseudo-terminal will not be allocated because stdin is not a terminal.1.4.2 Authentication refused: bad ownership or modes for directory /home/someone.1.4.1 channel 2: open failed: administratively prohibited: open failed.1.4 Errors related to TCP tunnels (or general SSH).1.3.3 Automatic re-establishing when disconnects happen anyway.1.3.1 Avoiding having a shell open on it.1.3 Practicalities to the open SSH connection.1.2.2 Considering direction of SSH connection and/or tunnel. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |