Re: Remote ssh tunnel in background or script?
Kevin Kinsey wrote:
> Greetings!
>
> In order to continue to allow them to connect to an outbound
> SMTP box on the LAN, I've done this on their server:
>
> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox

I wrote a script to get around my home firewall, it doesn't do exactly
as you want but that only requires changing the ssh bit.

I call it from cron so it stays alive, if it dies it will re-connect
otherwise it just checks a lock file.

It may be of use

David

#!/usr/bin/perl
##
## PURPOSE:
## run reverse ssh to work
##
## designed to be run from crontab. creates a lock file so that
## not more than one instance of the process is started
##

use strict;
use warnings;

## user crontab doesn't have permission in /var for lock file
## or for ports below 1024
my $username='username';
my $hostname="hostname";
my $address=$hostname.".somewhere.com";
my $port=$ARGV[0]; #2022;
my $lckfile="/tmp/revssh.${hostname}.pid";

sub start_ssh {
    ## fork process to start ssh
    defined( my $pid=fork ) or die "cannot fork process: $!";

    ## parent - open lock file with child pid
    if($pid) {
        print "Starting process: $pid\n";
        open(LOCKFILE,">$lckfile") or die "Cannot create lock file: $!";
        print LOCKFILE "${pid}";
        close(LOCKFILE);
    } else {
        ## child - start ssh process
        exec("ssh -qnNCX -R ${port}:localhost:22 ".
             "${username}\@${address}")
            or die "cannot exec process\n";
    }
}

## main
if(! -e $lckfile) {
    start_ssh();
} else {
    ## get running(?) pid from pid file
    ## (<> reads the file named in @ARGV; $port was already taken above)
    @ARGV = ($lckfile);
    my $old_pid = <>;
    my $running = kill 0, $old_pid;

    ## lock file exists - is process still running?
    if ( $running == 1 ) {
        die "Process running: $old_pid\n";
    } else {
        ## check lockfile was deleted!
        if(! unlink $lckfile) {
            die "Lockfile not deleted\n";
        }
        print "Orphan lock file - Lock file deleted\n\t";
        start_ssh();
    }
}

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Remote ssh tunnel in background or script?
2009/11/9 Kevin Kinsey

> Svante Kvarnstrom wrote:
>
>> Hello
>>
>> Have you tried -f (for background) and -N for "Do not execute a remote
>> command"? See man 1 ssh for more details.
>>
>> Svante
>>
>
> Cheers for you!
>
> It was "-f" without "-N" that produced the error.
>
> I'm guessing I got down the manpage about as far as
> "-f" and didn't go any further. *beats head on desk*
>
> Thanks, Svante!
>
> For the archives:
>
> SMTP OVER SSH TUNNEL FREEBSD
>
> sudo ssh -f -N -L localname:24:remotename:52525 m...@remotename
>
> When SMTP is listening on "remotename" port 52525. "sudo" is needed
> to open the tunnel on the "localname" side on port 24 (a privileged
> port). You could do this as "root" on the local side, but shouldn't
> connect *to* root on the remote computer.
>
> On Nov 9, 2009, at 7:30 PM, Kevin Kinsey wrote:
>>
>> Greetings!
>>>
>>>
>>> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox
>>>
>>> I've got Sendmail listening there on 52525, and it works
>>> fine; the local clients are told to connect to "thisbox"
>>> port 24. The only issue is that I have to run it from
>>> a terminal session. When I tried to bg the process ("cmdstring &")
>>> it doesn't work, exactly. I've gotten an error message
>>> at times*, and at other times I apparently get "thisbox"
>>> listening on port 24 but it's not an SMTP daemon that's
>>> listening.
>>>
>>> I have a feeling it's cause I'm in csh, which is notorious
>>> for backgrounding issues. At any rate, what I'd
>>> like to do is have a script set up the connection, or
>>> write some daemon that would monitor the connection and
>>> fix it if it gets reset. At any rate, if I could get this
>>> SSH process to detach from a terminal, it'd be great.
>>>
>>> Any suggestions?
>>>
>>> Kevin Kinsey
>>>

if you put it on a port > 1024 instead of 24 you won't need to run it as
root so can drop the sudo bit
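Added example, not part of the thread or any poster's code: a cron-driven watchdog in plain sh that follows the lock-file approach of the Perl script above and the suggestion to use a port above 1024 so that no sudo is needed. The account user@remotebox, local port 2525, the state directory and the script path in the cron line are assumed placeholders.

```sh
#!/bin/sh
# Added example, not from the thread. Assumed placeholders: user@remotebox,
# local port 2525, STATE_DIR, and the script path in the cron line below.
# cron (every minute):  * * * * * /home/user/bin/smtp-tunnel.sh run
umask 077
STATE_DIR="${STATE_DIR:-$HOME/.ssh-tunnel}"  # user-owned, unlike a shared /tmp
PIDFILE="$STATE_DIR/smtp-tunnel.pid"

# The process to keep alive. exec makes the recorded PID ssh's own PID.
# Local port 2525 is unprivileged, so neither sudo nor root is involved.
# BatchMode fails instead of prompting (cron has no terminal);
# ExitOnForwardFailure makes ssh exit if the listener cannot be bound.
tunnel_cmd() {
    exec ssh -N \
        -o BatchMode=yes \
        -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=30 -o ServerAliveCountMax=3 \
        -L thisbox:2525:remotebox:52525 user@remotebox
}

# 0 if PIDFILE names a live process we may signal, 1 otherwise.
# Limitation: like any PID file, this cannot detect a recycled PID.
tunnel_alive() {
    [ -f "$PIDFILE" ] || return 1
    pid=$(cat "$PIDFILE")
    case "$pid" in ''|0*|*[!0-9]*) return 1 ;; esac  # reject non-PID content
    kill -0 "$pid" 2>/dev/null
}

# 0 = tunnel started, 1 = already running, 2 = state directory unusable.
ensure_tunnel() {
    mkdir -p "$STATE_DIR" && chmod 700 "$STATE_DIR" || return 2
    if tunnel_alive; then return 1; fi
    rm -f "$PIDFILE"
    # Detach from stdio so cron does not wait on the tunnel's output.
    tunnel_cmd </dev/null >/dev/null 2>&1 &
    echo "$!" > "$PIDFILE"
    return 0
}

# Only act when invoked as "script run"; "already running" is not an error.
if [ "${1:-}" = run ]; then
    ensure_tunnel
    [ $? -le 1 ]
    exit
fi
```

BatchMode=yes assumes key-based authentication is already set up for the account; without it the tunnel exits immediately and cron retries on the next run.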
Re: Remote ssh tunnel in background or script?
Svante Kvarnstrom wrote:
> Hello
>
> Have you tried -f (for background) and -N for "Do not execute a remote
> command"? See man 1 ssh for more details.
>
> Svante

Cheers for you!

It was "-f" without "-N" that produced the error.

I'm guessing I got down the manpage about as far as
"-f" and didn't go any further. *beats head on desk*

Thanks, Svante!

For the archives:

SMTP OVER SSH TUNNEL FREEBSD

sudo ssh -f -N -L localname:24:remotename:52525 m...@remotename

When SMTP is listening on "remotename" port 52525. "sudo" is needed
to open the tunnel on the "localname" side on port 24 (a privileged
port). You could do this as "root" on the local side, but shouldn't
connect *to* root on the remote computer.

> On Nov 9, 2009, at 7:30 PM, Kevin Kinsey wrote:
>
>> Greetings!
>>
>> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox
>>
>> I've got Sendmail listening there on 52525, and it works
>> fine; the local clients are told to connect to "thisbox"
>> port 24. The only issue is that I have to run it from
>> a terminal session. When I tried to bg the process ("cmdstring &")
>> it doesn't work, exactly. I've gotten an error message
>> at times*, and at other times I apparently get "thisbox"
>> listening on port 24 but it's not an SMTP daemon that's
>> listening.
>>
>> I have a feeling it's cause I'm in csh, which is notorious
>> for backgrounding issues. At any rate, what I'd
>> like to do is have a script set up the connection, or
>> write some daemon that would monitor the connection and
>> fix it if it gets reset. At any rate, if I could get this
>> SSH process to detach from a terminal, it'd be great.
>>
>> Any suggestions?
>>
>> Kevin Kinsey
Re: Remote ssh tunnel in background or script?
Hello

Have you tried -f (for background) and -N for "Do not execute a remote
command"? See man 1 ssh for more details.

Svante

On Nov 9, 2009, at 7:30 PM, Kevin Kinsey wrote:

> Greetings!
>
> I have a client who recently dropped static IP service in
> favor of a "cheaper" solution, so they're now on a DHCP network
> blocking port 25, etc.
>
> In order to continue to allow them to connect to an outbound
> SMTP box on the LAN, I've done this on their server:
>
> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox
>
> I've got Sendmail listening there on 52525, and it works
> fine; the local clients are told to connect to "thisbox"
> port 24. The only issue is that I have to run it from
> a terminal session. When I tried to bg the process ("cmdstring &")
> it doesn't work, exactly. I've gotten an error message
> at times*, and at other times I apparently get "thisbox"
> listening on port 24 but it's not an SMTP daemon that's
> listening.
>
> I have a feeling it's cause I'm in csh, which is notorious
> for backgrounding issues. At any rate, what I'd
> like to do is have a script set up the connection, or
> write some daemon that would monitor the connection and
> fix it if it gets reset. At any rate, if I could get this
> SSH process to detach from a terminal, it'd be great.
>
> Any suggestions?
>
> Kevin Kinsey
>
> * I'm sorry, but I can't reproduce the error message
> this morning. IIRC, something to the effect of
> "I can't do nothing, give me a command please?"

Best wishes,
Svante J. Kvarnström
http://sjk.ankeborg.nu/
Mob.: +46 702 38 34 00
Re: Remote ssh tunnel in background or script?
On 9 nov 2009, at 20:36, patrick wrote:

> Check out /usr/ports/security/autossh
>
> autossh is a program to start a copy of ssh and monitor it, restarting
> it as necessary should it die or stop passing traffic.
>
> The original idea and the mechanism were from rstunnel (Reliable SSH
> Tunnel). With this version the method changes: autossh uses ssh to
> construct a loop of ssh forwardings (one from local to remote, one
> from remote to local), and then sends test data that it expects to
> get back. (The idea is thanks to Terrence Martin.)
>
> WWW: http://www.harding.motd.ca/autossh/

You don't need additional software for that: you can easily spawn a ssh
session from ttys, which re-establishes itself when it fails:

http://old.nabble.com/Re%3A-mysql-connection-through-ssl-tunnel-p20077382.html

--
http://www.boosten.org
Re: Remote ssh tunnel in background or script?
Check out /usr/ports/security/autossh

autossh is a program to start a copy of ssh and monitor it, restarting
it as necessary should it die or stop passing traffic.

The original idea and the mechanism were from rstunnel (Reliable SSH
Tunnel). With this version the method changes: autossh uses ssh to
construct a loop of ssh forwardings (one from local to remote, one
from remote to local), and then sends test data that it expects to
get back. (The idea is thanks to Terrence Martin.)

WWW: http://www.harding.motd.ca/autossh/

Patrick

On Mon, Nov 9, 2009 at 10:30 AM, Kevin Kinsey wrote:
> Greetings!
>
> I have a client who recently dropped static IP service in
> favor of a "cheaper" solution, so they're now on a DHCP network
> blocking port 25, etc.
>
> In order to continue to allow them to connect to an outbound
> SMTP box on the LAN, I've done this on their server:
>
> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox
>
> I've got Sendmail listening there on 52525, and it works
> fine; the local clients are told to connect to "thisbox"
> port 24. The only issue is that I have to run it from
> a terminal session. When I tried to bg the process ("cmdstring &")
> it doesn't work, exactly. I've gotten an error message
> at times*, and at other times I apparently get "thisbox"
> listening on port 24 but it's not an SMTP daemon that's
> listening.
>
> I have a feeling it's cause I'm in csh, which is notorious
> for backgrounding issues. At any rate, what I'd
> like to do is have a script set up the connection, or
> write some daemon that would monitor the connection and
> fix it if it gets reset. At any rate, if I could get this
> SSH process to detach from a terminal, it'd be great.
>
> Any suggestions?
>
> Kevin Kinsey
>
> * I'm sorry, but I can't reproduce the error message
> this morning. IIRC, something to the effect of
> "I can't do nothing, give me a command please?"
Re: Remote ssh tunnel in background or script?
Kevin Kinsey wrote:

> Greetings!
>
> I have a client who recently dropped static IP service in
> favor of a "cheaper" solution, so they're now on a DHCP network
> blocking port 25, etc.
>
> In order to continue to allow them to connect to an outbound
> SMTP box on the LAN, I've done this on their server:
>
> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox
>
> I've got Sendmail listening there on 52525, and it works
> fine; the local clients are told to connect to "thisbox"
> port 24. The only issue is that I have to run it from
> a terminal session. When I tried to bg the process ("cmdstring &")
> it doesn't work, exactly. I've gotten an error message
> at times*, and at other times I apparently get "thisbox"
> listening on port 24 but it's not an SMTP daemon that's
> listening.
>
> I have a feeling it's cause I'm in csh, which is notorious
> for backgrounding issues. At any rate, what I'd
> like to do is have a script set up the connection, or
> write some daemon that would monitor the connection and
> fix it if it gets reset. At any rate, if I could get this
> SSH process to detach from a terminal, it'd be great.
>
> Any suggestions?
>
> Kevin Kinsey
>
> * I'm sorry, but I can't reproduce the error message
> this morning. IIRC, something to the effect of
> "I can't do nothing, give me a command please?"

Try screen ( /usr/ports/sysutils/screen )

screen -S to run the session
Ctrl-a Ctrl-z to get out of this session and let it run in background
screen -r to return in this session.