Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, 2009-07-23 at 15:52 +1200, Jim Tittsler wrote:
Have you tried using SSH's ControlMaster feature? ('man ssh_config')
You can establish an initial SSH connection and subsequent connections
to the host will reuse the master connection instead of initiating new
ones.
Jim - just wanted to say thank you.
So far using ControlMaster option seems to have made a huge
improvement.
Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu 23 Jul 2009 14:40:03 NZST +1200, Phill Coxon wrote: Sometime in the last few months Hostgator.com upgraded their firewall so that if too many connections from the same ip address get opened within a small period of time, the ip gets blocked temporarily for between 2 and 30 minutes. Does anyone know if it's possible to limit the number of outgoing simultaneous ssh connections Yes, put IP packet filter rules into place. That'll then give you errors, but won't get you locked out. Or use one of the other good suggestions. Volker -- Volker Kuhlmann is list0570 with the domain in header http://volker.dnsalias.net/ Please do not CC list postings to me.
Re: OT: VPN Re: How can I limit the maximum number of outgoing SFTP connections?
steve wrote, On 23/07/09 15:46: On Thu, 2009-07-23 at 15:26 +1200, Phill Coxon wrote: DSL 504T is fine. I've got a company with a satellite office on NI connected via OpenVPN / Samba, and keep stuff in sync over it. Both ends use these. I've given up getting decent ADSL kit, and just use consumer - level stuff, but with a spare ready configured for if/when the inevitable happens. You will have to port forward traffic on UDP/1194 ( by default - I have also tried setting it up on TCP/22 to take advantage of ssh QOS but not much difference really ) to the openvpn server you set up, and that's about it. Push your routing from the server, and it all just works! I agree with Steve - look at some kind of permanent VPN. OpenVPN might be okay (what I use at home) or for real true two-way routing you'd want an ipsec tunnel. Both are secure and sncrypted and both come as open source solutions. You should stay away from pptp. As for which routers to use, ones that work. We use cisco because it either works or it gives you the tools to see why thins are not working. And ciscos can terminate ipsec tunnels. However they're not cheap. -- Craig Falconer
Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, 2009-07-23 at 14:40 +1200, Phill Coxon wrote: I have a problem working with remote servers hosted at hostgator.com using SFTP. I use sftp:// in konquorer to copy files back and forth between the server and my local computer. Sometime in the last few months Hostgator.com upgraded their firewall so that if too many connections from the same ip address get opened within a small period of time, the ip gets blocked temporarily for between 2 and 30 minutes. The trouble is that if I copy a bunch of files, or change directories several times using the sftp:// interface, it gets triggered and I get locked out. Does anyone know if it's possible to limit the number of outgoing simultaneous ssh connections in konqueror using sftp:// to prevent this happening? I really need some way to force the same ssh session to be used... Thanks! Knowing nothing whatsoever about hostgator, is it possible to set up your own private vpn and use that instead??? Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, 2009-07-23 at 14:46 +1200, steve wrote: Knowing nothing whatsoever about hostgator, is it possible to set up your own private vpn and use that instead??? Hmmm. It's unlikely given this I'm working with clients on shared hostgator accounts with jailshell ssh rather than a dedicated server where I have any sort of useful control. I haven't set up a vpn before but have been thinking about setting one up so that I can access my office remotely via VPN when I'm out of town. However... from what I read my DLink 504T ADSL modem pretty much sucks for vpn use.. Any recommendations for a great vpn compatible ADSL modem?
Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, 2009-07-23 at 14:40 +1200, Phill Coxon wrote: I use sftp:// in konquorer to copy files back and forth between the server and my local computer. Try using a different client, I'd try the command line client to start with. hads -- http://nicegear.co.nz New Zealand's Open Source Hardware Supplier
OT: VPN Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, 2009-07-23 at 15:26 +1200, Phill Coxon wrote: On Thu, 2009-07-23 at 14:46 +1200, steve wrote: Knowing nothing whatsoever about hostgator, is it possible to set up your own private vpn and use that instead??? Hmmm. It's unlikely given this I'm working with clients on shared hostgator accounts with jailshell ssh rather than a dedicated server where I have any sort of useful control. I haven't set up a vpn before but have been thinking about setting one up so that I can access my office remotely via VPN when I'm out of town. However... from what I read my DLink 504T ADSL modem pretty much sucks for vpn use.. Any recommendations for a great vpn compatible ADSL modem? DSL 504T is fine. I've got a company with a satellite office on NI connected via OpenVPN / Samba, and keep stuff in sync over it. Both ends use these. I've given up getting decent ADSL kit, and just use consumer - level stuff, but with a spare ready configured for if/when the inevitable happens. You will have to port forward traffic on UDP/1194 ( by default - I have also tried setting it up on TCP/22 to take advantage of ssh QOS but not much difference really ) to the openvpn server you set up, and that's about it. Push your routing from the server, and it all just works! My default setup for administering a web server ( when I can ) is to tunnel all traffic through a VPN, and have an emergency ssh port on the internet side, locked down to one user, and one ip address. Which is safe enough for most purposes ( and web devs can safely use their beloved ftp! ). Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: How can I limit the maximum number of outgoing SFTP connections?
On 2009-07-23 14:40, Phill Coxon wrote:
The trouble is that if I copy a bunch of files, or change directories
several times using the sftp:// interface, it gets triggered and I get
locked out.
[...]
I really need some way to force the same ssh session to be used...
Have you tried using SSH's ControlMaster feature? ('man ssh_config')
You can establish an initial SSH connection and subsequent connections
to the host will reuse the master connection instead of initiating new
ones.
It can be enabled by adding a stanza to your ~/.ssh/config similar to:
Host *
ControlMaster auto
ControlPath ~/.ssh/master...@%h.%p
ServerAliveInterval 60
ServerAliveCountMax 3
Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, 2009-07-23 at 15:32 +1200, Hadley Rich wrote: On Thu, 2009-07-23 at 14:40 +1200, Phill Coxon wrote: I use sftp:// in konquorer to copy files back and forth between the server and my local computer. Try using a different client, I'd try the command line client to start with. I'm using the GUI for a reason - it saves a massive amount of time. I can drag and drop 10 files in a directory in 2-3 seconds as opposed to trying to find and type the 10 file names separately on the command line (even using tab completion). There's way too much potential for typing error on the command line. I'll see what other SFTP clients I can dig up though...
Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, 2009-07-23 at 15:52 +1200, Jim Tittsler wrote:
I really need some way to force the same ssh session to be used...
Have you tried using SSH's ControlMaster feature? ('man ssh_config')
You can establish an initial SSH connection and subsequent connections
to the host will reuse the master connection instead of initiating new
ones.
Aha! That may be exactly what I'm looking for.
I'll check it out.
Thanks Jim!
Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, 2009-07-23 at 15:58 +1200, Phill Coxon wrote: I'm using the GUI for a reason - it saves a massive amount of time. That's what shell expansion is for. What I actually meant was; try the command line client, if that works then perhaps it's your GUI that is the problem. hads -- http://nicegear.co.nz New Zealand's Open Source Hardware Supplier
Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, 2009-07-23 at 16:07 +1200, Hadley Rich wrote: On Thu, 2009-07-23 at 15:58 +1200, Phill Coxon wrote: I'm using the GUI for a reason - it saves a massive amount of time. That's what shell expansion is for. What I actually meant was; try the command line client, if that works then perhaps it's your GUI that is the problem. hads Or subversion... -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, Jul 23, 2009 at 3:58 PM, Phill Coxon phi...@xtra.co.nz wrote: On Thu, 2009-07-23 at 15:32 +1200, Hadley Rich wrote: On Thu, 2009-07-23 at 14:40 +1200, Phill Coxon wrote: I use sftp:// in konquorer to copy files back and forth between the server and my local computer. Try using a different client, I'd try the command line client to start with. I'm using the GUI for a reason - it saves a massive amount of time. I can drag and drop 10 files in a directory in 2-3 seconds as opposed to trying to find and type the 10 file names separately on the command line (even using tab completion). There's way too much potential for typing error on the command line. I'll see what other SFTP clients I can dig up though... lftp http://lftp.yar.ru/ Its purely awesome. You get remote SFTP access just as if it were local files, tab-completion, job control ( each transfer can be 'd ) , everything, even has a mirror command that JustWorks and doesn't slip into nasty recursion problems. Also works for plain-old ftp and in some cases, you can spider websites with it like they were filesystems! -- Kent perl -e print substr( \edrgmaM SPA nocomil.i...@tfrken\, \$_ * 3, 3 ) for ( 9,8,0,7,1,6,5,4,3,2 );
Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, Jul 23, 2009 at 4:07 PM, Hadley Rich h...@nice.net.nz wrote: On Thu, 2009-07-23 at 15:58 +1200, Phill Coxon wrote: I'm using the GUI for a reason - it saves a massive amount of time. That's what shell expansion is for. last time I used the standard sftp client ( ages ago , before I switched to lftp ) , it neither supported shell expansion or even readline support :/ -- Kent
Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, 2009-07-23 at 16:16 +1200, Kent Fredric wrote: last time I used the standard sftp client ( ages ago , before I switched to lftp ) , it neither supported shell expansion or even readline support :/ My apologies, I was thinking of scp, which works fine with shell expansion. hads -- http://nicegear.co.nz New Zealand's Open Source Hardware Supplier
Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, 2009-07-23 at 16:07 +1200, Hadley Rich wrote: What I actually meant was; try the command line client, if that works then perhaps it's your GUI that is the problem. Ok, I get what you're saying now. It's definitely the GUI (konqueror). When I select 5 files on the remote server and use right mouse button - Open with Quanta to edit I'm guessing it tries to open 5 new ssh connections to the remove server at once rather than using a single connection to transfer all 5 files. Hopefully Jim's suggestion of adjusting the ControlMaster settings will help. I'll be trying that later. Thanks.
Re: OT: VPN Re: How can I limit the maximum number of outgoing SFTP connections?
On Thu, 2009-07-23 at 15:45 +1200, steve wrote: DSL 504T is fine. I've got a company with a satellite office on NI connected via OpenVPN / Samba, and keep stuff in sync over it. Both ends use these. I've given up getting decent ADSL kit, and just use consumer - level stuff, but with a spare ready configured for if/when the inevitable happens. Cool! Sounds much easier than I had thought. I'll have a crack at setting this up next week when I have some spare time and let you know what issues, if any, I get stuck on.
