Re: HOWTO reverse proxy through an internal-server-initiated ssh tunnel?
On 5/23/05, Josh Rehman [EMAIL PROTECTED] wrote: On 5/23/05, André Carezia [EMAIL PROTECTED] wrote: No. Look for AllowTcpForwarding in /etc/ssh/sshd_config. I don't have permission to read that file - I'll contact the sysadmin. Thanks. Turns out that my hosting service has dissallowed usage of TCP forwarding for security concerns. Not sure what those concerns are. I may still be able to get them to turn it on though. André, your help was great - I wouldn't have known what to ask without you. Thanks again. -- It seemed to them that they did little but eat and drink and rest, and walk among the trees; and it was enough.- J.R.R. Tolkien, The Lord of the Rings, The Mirror of Galadriel
Re: HOWTO reverse proxy through an internal-server-initiated ssh tunnel?
Josh Rehman wrote: On 5/22/05, *André Carezia* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: ssh -R 8080:localhost:80 [EMAIL PROTECTED] My apologies, I should have mentioned that that was what I tried. Here is the result: external$ telnet localhost 8080 You can't connect directly from external address. You have to connect to web server (on another port) and use ProxyPass to port 8080. -- André Carezia Eng. de Telecomunicações Carezia Consultoria - www.carezia.eng.br -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: HOWTO reverse proxy through an internal-server-initiated ssh tunnel?
Josh Rehman a écrit : On 5/22/05, *André Carezia* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: ssh -R 8080:localhost:80 [EMAIL PROTECTED] My apologies, I should have mentioned that that was what I tried. Here is the result: external$ telnet localhost 8080 Trying 127.0.0.1... telnet: connect to address 127.0.0.1 http://127.0.0.1/: Connection refused try telnet host 8080 not localhost -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: HOWTO reverse proxy through an internal-server-initiated ssh tunnel?
Josh Rehman wrote: [...] Does mod_proxy have some sort of priveledged access to ssh tunnels? Are you saying that my simple telnet test cannot work ever? Please send your replies to the list. internal[start server on 8080] internal[make sure server is listening] internalssh -R 8080:localhost:8080 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] externaltelnet localhost 8080 Connection Refused... It should work. Must be some non-default configuration in your provider. -- André Carezia Eng. de Telecomunicações Carezia Consultoria - www.carezia.eng.br -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: HOWTO reverse proxy through an internal-server-initiated ssh tunnel?
On 5/23/05, André Carezia [EMAIL PROTECTED] wrote: Josh Rehman wrote: [...] Does mod_proxy have some sort of priveledged access to ssh tunnels? Are you saying that my simple telnet test cannot work ever?Please send your replies to the list. Of course. Gmail Reply does not work correctly with this list, apparently. I should have checked it. internal[start server on 8080] internal[make sure server is listening] internalssh -R 8080:localhost:8080 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] externaltelnet localhost 8080 Connection Refused...It should work. Must be some non-default configuration in your provider. I agree. However I'm not sure how to look deeper into my providers configuration. I'm thinking that some usage of either ps or netstat could tell me what's going on. Thanks for your kind help.
Re: HOWTO reverse proxy through an internal-server-initiated ssh tunnel?
Josh Rehman wrote: [...] I agree. However I'm not sure how to look deeper into my providers configuration. I'm thinking that some usage of either ps or netstat could tell me what's going on. No. Look for AllowTcpForwarding in /etc/ssh/sshd_config. -- André Carezia Eng. de Telecomunicações Carezia Consultoria - www.carezia.eng.br -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: HOWTO reverse proxy through an internal-server-initiated ssh tunnel?
On 5/23/05, André Carezia [EMAIL PROTECTED] wrote: No. Look for AllowTcpForwarding in /etc/ssh/sshd_config. I don't have permission to read that file - I'll contact the sysadmin. Thanks.
Re: HOWTO reverse proxy through an internal-server-initiated ssh tunnel?
Josh Rehman wrote: A solution which I believe is quite elegant involves ssh'ing from the laptop to my external, statically IP'd host. I would then need to notify the externally running httpd that a tunnel is now available, and then use something like the ProxyPass directive to seemlessly forward client requests to the laptop. ssh -R 8080:localhost:80 [EMAIL PROTECTED] -- André Carezia Eng. de Telecomunicações Carezia Consultoria - www.carezia.eng.br -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: HOWTO reverse proxy through an internal-server-initiated ssh tunnel?
On 5/22/05, André Carezia [EMAIL PROTECTED] wrote: ssh -R 8080:localhost:80 [EMAIL PROTECTED] My apologies, I should have mentioned that that was what I tried. Here is the result: external$ telnet localhost 8080 Trying 127.0.0.1... telnet: connect to address 127.0.0.1: Connection refused I tried with and without compression and trying some other options. I'm not sure how to troubleshoot past this. I suspect I could gleen some information from either sshd or stunnel or perhaps the netstat output but I am at a loss.
Re: HOWTO reverse proxy through an internal-server-initiated ssh tunnel?
I also tried other ports but without success.-- It seemed to them that they did little but eat and drink and rest, and walk among the trees; and it was enough.- J.R.R. Tolkien, The Lord of the Rings, The Mirror of Galadriel