Questions tagged as ['ssh-tunnel']

I'm facing an issue with setup I am using for ocassionally doing maintenance on a bunch of customer servers via remote SSH

Following Setup:

1 Control Server X Arbitrary number of Customer servers set up to have a 'service' account connect to my control server via SSH.

I've set up the clients to automatically connect to the control server, which has a fixed IP, via the service account using autoSSH afte ...

In reference to this question: Run 'kubectl' commands from my localhost to GKE - but via tunnelling through a bastion host

I'm facing the very same situation. I did all that is described in the accepted answer and achieved the point where I can communicate with my cluster via kubectl with --insecure-skip-tls-verify flag. However, I want to get rid of this flag as it is not the secure option. For that I tr ...

I have a fleet of Ubuntu edge computers that host simple web HMI servers. Many are behind dynamic IPs where port forwarding is unavailable.

So, to access them each uses autossh to create a reverse tunnel into a central cloud proxy server. I can then access each one with https://proxy.mydomain.com:6001, 6002, etc. This is working.

I now want to use NGINX so that we don't have to remember the port numbe ...

here is my issue.

OS : Oracle Linux 7.8 Management IP(Putty accessible) eth0: 10.250.0.210 App IP (not accessible outside) eth1: 10.250.4.210

I have a website running on 10.250.4.210:80.

I need to access this site via 10.250.0.210 IP for testing purposes. How can i accomplish this.

Thanks in advance. UJ

How can I simplify this? Perhaps using agent forwarding?

I have an SSH jump host with 2FA via TOTP x2 and a machine which uses 2FA as well(jump host and machine):

ssh myuser@host.corp.com -L 22222:my_machine.corp.com:22
# requires password + 2FA TOTP code
ssh myuser@localhost -p 22222
# requires password + 2FA TOTP code

How can I ideally simplify this (via SSH config or so) to simply call ssh myhos ...

I have a local network containing a machine named black running Ubuntu 16 server, and a raspberry pi. The pi has two network cards. One faces this local network, and the other connects to my ISP via a router. black has one interfaces which faces this network. The pi runs an ssh server configured out of the box.

I want to use sshuttle (or something else like it) to provide black with internet c ...

I'm creating an SSH tunnel to a remote service through one of our servers. This server has 3 network interfaces, and the remote service has interface-specific restrictions in place based on IP and MAC address.

Local Machine --> Server --> Remote Service

Let's say the interfaces to the Server have an IP ending in .37, .38, and .39. The interface with .37 is facing the corporate network, thus acce ...

There is a server with connection via VPN to it (using GRE protocol). I have got a problem to connect to this VPN from home network, because GRE is not allowed by provider. But I have got another work server (with SSH connection to it from home) in other network from which I can connect to server in VPN. Is there any way to make tunnel to connect from home to VPN-server through work-server? SSH connecti ...

I've established a connection to a server based on port-forwarded local Xrdp, through an SSH tunnel. If my understanding is correct, then I could illustrate such network as follows:

      ╷────<──port xxxx──<────╷        )
      │                       │        )                                    (            )
╷───────────╷           ...

I need to set up port forwarding from my local Windows machine Port 3307 to a remote MySQL server port 3306 but accessed via 2 Linux proxy servers and a Linux web server.

I need to use Putty or plink.exe on the Windows machine to set up the connnection.

See diagram

I've found examples using Putty GUI or plink CLI to achieve similar with only 1 proxy server but not with multiple hops.

I can achieve th ...

I run script from an OracleLinux 8.4 VM (with NatNetwork configured on VirtualBox) on my Windows 10 pc, to remote hosts using jump host.

My PC can't connect directly to remote hosts, but need to pass by jump host after connect to VPN.

This is my env:

I use these para ...

There is one Windows machine which can SSH into Linux server within VPN connection. How I can setup SSH tunnel (or anything else) on this Windows machine, which could be shared for other machine under same Wi-Fi?

I'm looking for a way to access to a server (D) through 2 proxy (B and C) using SSH keys stored on the first proxy (B). My computer (A) isn't allowed to save the key.

I understand the way to access to C using the key on B with an ssh config file (cf this post):

Host C
    ProxyCommand ssh -T -q -o 'ForwardAgent yes' B 'ssh-add -t 1 ~/.ssh/mykey && nc %h %p'

But from this point I can't use  ...

I would like my SSH config to call out to a script in certain situations to resolve a different IP address than what I provide. In this situation, I don't actually want to proxy through another host, simply change the host that's being SSH'd to (although in some situations I would like to proxy through a host, hence bundling this into one script).

This is a rather long script and isn't really desi ...

I want to connect to an 3rd party socks server (Dante), thru a ssh port forward (tunnel?).

But! opensshd is intercepting and handling the socks operation. (and doing a good job to)

But I need to route the output to a proxy, and need the 3rd party socks server.

is there anyway to tell sshd to stop interfering and leave the forwarded port 64001 reach it's destination (Dante)

The client is Android,  ...

I'm new to SSH Tunnel, I have read the wikibook of OpenSSH Proxy over and over, still so confused.

the Goal is building a double Proxy with only SSH Tunnels(Port Forwarding) or ProxyJump (not really sure what I should call them)

For example, me 192.168.1.1-->connect to-->the Jump ServerA 1.1.1.1, then I will actually reach the Target ServerB 2.2.2.2, if I setup a socks5 proxy with ServerA 1.1.1. ...

I have a web-app running on a particular port on a Linux EC2 instance. Only SSH traffic is allowed to that server.

Can multiple clients use SSH tunnels to that server to load a webpage from that port?

I wanna open my remote VM via Remmina on a local machine. The network graph is as follows:

Local Machine --> Login-server --> Remote Server --> Linux VM

I use Remmina and set it up as follows:

This shows the configuration set to access Remote Server

This shows the configuration set to access via the login server

However, I get an error saying the connection fails. Can someone help me through thi ...

I have a number of ssh hosts (a dozen), for simplicity host1, host2, etc.

I frequently need to forward port, e.g.

ssh -L 8888:localhost:8888 host1
ssh -L 8889:localhost:8888 host2
ssh -L 8890:localhost:80   host2

This is annoying since 1) I need to remember mapping from local ports to hosts and 2) I need to do that manually

I'd like to implement some kind of system that listened to specific hosts (loc ...

I am having a weird issue.

I brought up a new Linode to act as a tunnelling endpoint.

I was able to successfully remote forward port 1194 so now connections to linode-server@1194 successfully to my machine's port 1194 and I am able to connect to my VPN by connecting to port 1194 on my linode-server.

The below command is what I used (the one that works):

ssh -N -R 1194:localhost:1194 user@linode-se ...

I have a GNS3 server, and I'm trying to add iptable rules so that when someone on my team connects on port 1100, they get routed to an internal IP such as 192.168.122.2:22. This internal IP belongs to a bastion host of a GNS3 project. The end goal is to be able to shh into the internal IP addresses from a local machine.

This is how my IPTABLE looks (using fake public IP 1.2.3.4 for sake of exampl ...

I've been trying for hours and need some new input.

My set-up:

• Ubuntu VM (UVM) running a docker container that forwards RabbitMQ messages to an external machine
• Local Laptop (LVM) with Windows 10 running a RabbitMQ instance in docker on port 5672.

What I am trying to do:

On my UVM I have set-up a test environment that communicates via RabbitMQ with different microservices. I get data into this test  ...

I need to establish an arbitrary remote-forwarded port to a specific local port when connecting to a server. I don't have admin rights on the server, which is a significant compute resource used by a large number of people. I can't pick a static remote port number, because I have no reason to expect that it will always be available.

I am using a command like ssh -R 0:localhost:8001 servername -- using  ...

I am fighting with autoSSH configuration.

My setup

1. VPS as a public contact point, clients will access the VPS IP to get to the server
2. My home server running the service. This machine has dualwan connectivity - so it can switch to another ISP if the first one drop. (IP address will change)

I want to make a SSH tunnel that will automatically reconnect when the connectivity is switched or one of those  ...

This works in the command line.

ssh -i ~/.ssh/id_rsa x.x.x.x -p 22 -R <IP1>:10001:localhost:9090 -R <IP2>:10001:localhost:22

But when using the ssh config file, it fails. Below is the contents of the config file.

Host decryptor
  HostName      x.x.x.x
  User          sshtunnel
  Port          10022
  IdentityFile  ~/.ssh/id_rsa
  RemoteForward <IP1>:10001 localhost:9090
  Remote ...

I want Host B to set up a ssh tunnel to Host A so it can rsync with Host C. Only Host B has keys. All three machines use the same key.

I've tried this:

ssh -i ~/.ssh/key -A -R localhost:50000:Host_A:22 Host_C 'sudo -E -s rsync -a -e "ssh -v -l admin -p 50000 -o StrictHostKeyChecking=no" --rsync-path="sudo rsync" /path/ localhost:/path'

However, I'm getting an ssh permission denied error when runni ...

I have installed GitLab in docker on a distant machine. I would now like to forward the port 8080 from this distant machine to my local port 8080.

On the distant machine:

sudo docker run --detach --hostname gitlab.example.com --publish 443:443 --publish 8080:80 --publish 2222:22 --name gitlab --restart always --volume $GITLAB_HOME/config:/etc/gitlab --volume $GITLAB_HOME/logs:/var/log/gitlab --volume $GI ...

I have a remote oracle linux node that needs to have chef-client ran. This node is behind a firewall. I have access to the server command line via ILO, but need to run chef to install VPN software. How can I get connectivity to my chef server through a SSH tunnel?

I can find a lot tutorials on the web for setting up an reverse SSH tunnel.

  ssh -p2000 -fNC -R 10011:localhost:22.user@proxy.de

But how I can become an SSH connection on my local server? I like to set up a connection from proxy(has a public IP) to localhost(which is in my home network) through the SSH reverse tunnel . I need to type from anywhere SSH commands on my localhost.

Thanks for your help Stefa ...