Re: Remote ssh tunnel in background or script?

2009-11-10 Thread David Collins
Kevin Kinsey  wrote:

> Greetings!
>
> In order to continue to allow them to connect to an outbound
> SMTP box on the LAN, I've done this on their server:
>
> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox

I wrote a script to get around my home firewall, it doesn't do exactly
as you want but that only requires changing the ssh bit. I call it
from cron so it stays alive, if it dies it will re-connect otherwise
it just checks a lock file.

It may be of use

David

#!/usr/bin/perl

##
## PURPOSE:
##  run reverse ssh to work
##
##  designed to be run from crontab. creates a lock file so that
##  not more than one instance of the process is started
##

use strict;
use warnings;

## user crontab doesn't have permission in /var for lock file
## or for ports below 1024
my $username = 'username';

my $hostname = "hostname";
my $address  = $hostname . ".somewhere.com";
my $port     = $ARGV[0];    #2022;

## the port ends up on the ssh command line, so insist on a number
die "usage: $0 port\n" unless defined $port && $port =~ /^\d+$/;

my $lckfile = "/tmp/revssh.${hostname}.pid";

sub start_ssh {

    ## fork process to start ssh
    defined( my $pid = fork ) or die "cannot fork process: $!";

    ## parent - open lock file with child pid
    if ($pid) {

        print "Starting process: $pid\n";

        open( my $lock, '>', $lckfile )
          or die "Cannot create lock file: $!";
        print $lock "${pid}";
        close($lock);

    } else {

        ## child - start ssh process
        ## (list form of exec: the arguments never pass through a shell)
        exec( 'ssh', '-qnNCX', '-R', "${port}:localhost:22",
            "${username}\@${address}" )
          or die "cannot exec process\n";
    }

}

## main

if ( !-e $lckfile ) {

    start_ssh();

} else {

    ## get running(?) pid from pid file
    @ARGV = ($lckfile);
    my $old_pid = <>;
    chomp $old_pid if defined $old_pid;

    ## an empty or garbled lock file counts as "not running"
    my $running =
      ( defined $old_pid && $old_pid =~ /^[1-9]\d*$/ )
      ? kill( 0, $old_pid )
      : 0;

    ## lock file exists - is process still running?
    if ( $running == 1 ) {
        die "Process running: $old_pid\n";
    } else {
        ## check lockfile was deleted!
        if ( !unlink $lckfile ) {
            die "Lockfile not deleted\n";
        }
        print "Orphan lock file - Lock file deleted\n\t";

        start_ssh();
    }
}
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Remote ssh tunnel in background or script?

2009-11-10 Thread krad
2009/11/9 Kevin Kinsey 

> Svante Kvarnstrom wrote:
>
>> Hello
>>
>> Have you tried -f (for background) and -N for "Do not execute a remote
>> command"? See man 1 ssh for more details.
>>
>> Svante
>>
>
> Cheers for you!
>
> It was "-f" without "-N" that produced the error.
>
> I'm guessing I got down the manpage about as far as
> "-f" and didn't go any further.  *beats head on desk*
>
> Thanks, Svante!
>
> For the archives:
>
> SMTP OVER SSH TUNNEL FREEBSD
>
>  sudo ssh -f -N -L localname:24:remotename:52525 m...@remotename
>
> When SMTP is listening on "remotename" port 52525.  "sudo" is needed
> to open the tunnel on the "localname" side on port 24 (a privileged
> port).  You could do this as "root" on the local side, but shouldn't
> connect *to* root on the remote computer.
>
>  On Nov 9, 2009, at 7:30 PM, Kevin Kinsey wrote:
>>
>>  Greetings!
>>>
>>>
>>> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox
>>>
>>> I've got Sendmail listening there on 52525, and it works
>>> fine; the local clients are told to connect to "thisbox"
>>> port 24.  The only issue is that I have to run it from
>>> a terminal session.  When I tried to bg the process ("cmdstring &")
>>> it doesn't work, exactly.  I've gotten an error message
>>> at times*, and at other times I apparently get "thisbox"
>>> listening on port 24 but it's not an SMTP daemon that's
>>> listening.
>>>
>>> I have a feeling it's cause I'm in csh, which is notorious
>>> for backgrounding issues.  At any rate, what I'd
>>> like to do is have a script set up the connection, or
>>> write some daemon that would monitor the connection and
>>> fix it if it gets reset.  At any rate, if I could get this
>>> SSH process to detach from a terminal, it'd be great.
>>>
>>> Any suggestions?
>>>
>>> Kevin Kinsey
>>>
>>>

If you put it on a port > 1024 instead of 24 you won't need to run it as root,
so you can drop the sudo bit.
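
The advice collected in this thread (detach with -N, listen on a port above 1024 so sudo can go, restart the tunnel from cron when it dies) combined into one script, as an added example that is not from any poster. The port 2524, the state directory and user@remotename are placeholder assumptions.

```sh
#!/bin/sh
# Added example: keep the thread's SMTP forward alive from a user crontab.
# LPORT, STATE_DIR and REMOTE below are placeholder values, not from the thread.
BIND=${BIND:-localname}
LPORT=${LPORT:-2524}                   # above 1023, so no sudo is needed
TARGET=${TARGET:-remotename:52525}
REMOTE=${REMOTE:-user@remotename}
STATE_DIR=${STATE_DIR:-$HOME/.smtp-tunnel}   # private directory, not /tmp
PIDFILE=$STATE_DIR/ssh.pid

# Succeeds only for a numeric port an unprivileged user may bind.
unprivileged_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1024 ] && [ "$1" -le 65535 ]
}

# Succeeds only if the pid file holds a number that names a live process.
# Anything else (missing file, junk, dead pid) counts as "not running".
tunnel_alive() {
    [ -r "$1" ] || return 1
    pid=
    read -r pid < "$1" || :            # read fails on a missing final newline
    case $pid in ''|*[!0-9]*) return 1 ;; esac
    kill -0 "$pid" 2>/dev/null
}

keep_tunnel() {
    unprivileged_port "$LPORT" || { echo "bad port: $LPORT" >&2; return 2; }
    umask 077
    mkdir -p "$STATE_DIR" || return 1
    tunnel_alive "$PIDFILE" && return 0
    # -n and -N with "&" instead of -f: ssh does not re-fork, so $! stays
    # the pid to watch. Keepalives make a dead link exit so cron restarts it.
    ssh -n -N -o BatchMode=yes -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=30 -o ServerAliveCountMax=3 \
        -L "$BIND:$LPORT:$TARGET" "$REMOTE" &
    echo "$!" > "$PIDFILE"
}

# Crontab entry (path is a placeholder): */5 * * * * /path/to/keep-tunnel.sh run
if [ "${1:-}" = run ]; then keep_tunnel; fi
```

BatchMode requires key-based login, since cron cannot answer a password prompt.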


Re: Remote ssh tunnel in background or script?

2009-11-09 Thread Kevin Kinsey

Svante Kvarnstrom wrote:

> Hello
>
> Have you tried -f (for background) and -N for "Do not execute a remote
> command"? See man 1 ssh for more details.
>
> Svante


Cheers for you!

It was "-f" without "-N" that produced the error.

I'm guessing I got down the manpage about as far as
"-f" and didn't go any further.  *beats head on desk*

Thanks, Svante!

For the archives:

SMTP OVER SSH TUNNEL FREEBSD

  sudo ssh -f -N -L localname:24:remotename:52525 m...@remotename

When SMTP is listening on "remotename" port 52525.  "sudo" is needed
to open the tunnel on the "localname" side on port 24 (a privileged
port).  You could do this as "root" on the local side, but shouldn't
connect *to* root on the remote computer.


> On Nov 9, 2009, at 7:30 PM, Kevin Kinsey wrote:
>
>> Greetings!
>>
>> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox
>>
>> I've got Sendmail listening there on 52525, and it works
>> fine; the local clients are told to connect to "thisbox"
>> port 24.  The only issue is that I have to run it from
>> a terminal session.  When I tried to bg the process ("cmdstring &")
>> it doesn't work, exactly.  I've gotten an error message
>> at times*, and at other times I apparently get "thisbox"
>> listening on port 24 but it's not an SMTP daemon that's
>> listening.
>>
>> I have a feeling it's cause I'm in csh, which is notorious
>> for backgrounding issues.  At any rate, what I'd
>> like to do is have a script set up the connection, or
>> write some daemon that would monitor the connection and
>> fix it if it gets reset.  At any rate, if I could get this
>> SSH process to detach from a terminal, it'd be great.
>>
>> Any suggestions?
>>
>> Kevin Kinsey





Re: Remote ssh tunnel in background or script?

2009-11-09 Thread Svante Kvarnstrom

Hello

Have you tried -f (for background) and -N for "Do not execute a remote  
command"? See man 1 ssh for more details.


Svante


On Nov 9, 2009, at 7:30 PM, Kevin Kinsey wrote:

> Greetings!
>
> I have a client who recently dropped static IP service in
> favor of a "cheaper" solution, so they're now on a DHCP network
> blocking port 25, etc.
>
> In order to continue to allow them to connect to an outbound
> SMTP box on the LAN, I've done this on their server:
>
> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox
>
> I've got Sendmail listening there on 52525, and it works
> fine; the local clients are told to connect to "thisbox"
> port 24.  The only issue is that I have to run it from
> a terminal session.  When I tried to bg the process ("cmdstring &")
> it doesn't work, exactly.  I've gotten an error message
> at times*, and at other times I apparently get "thisbox"
> listening on port 24 but it's not an SMTP daemon that's
> listening.
>
> I have a feeling it's cause I'm in csh, which is notorious
> for backgrounding issues.  At any rate, what I'd
> like to do is have a script set up the connection, or
> write some daemon that would monitor the connection and
> fix it if it gets reset.  At any rate, if I could get this
> SSH process to detach from a terminal, it'd be great.
>
> Any suggestions?
>
> Kevin Kinsey
>
> * I'm sorry, but I can't reproduce the error message
> this morning.  IIRC, something to the effect of
> "I can't do nothing, give me a command please?"


Best wishes,

Svante J. Kvarnström
http://sjk.ankeborg.nu/
Mob.: +46 702 38 34 00











Re: Remote ssh tunnel in background or script?

2009-11-09 Thread Peter Boosten


On 9 nov 2009, at 20:36, patrick wrote:

> Check out /usr/ports/security/autossh
>
> autossh is a program to start a copy of ssh and monitor it, restarting
> it as necessary should it die or stop passing traffic.
>
> The original idea and the mechanism were from rstunnel (Reliable SSH
> Tunnel). With this version the method changes: autossh uses ssh to
> construct a loop of ssh forwardings (one from local to remote, one
> from remote to local), and then sends test data that it expects to
> get back. (The idea is thanks to Terrence Martin.)
>
> WWW: http://www.harding.motd.ca/autossh/


You don't need additional software for that: you can easily spawn a  
ssh session from ttys, which re-establishes itself when it fails:


http://old.nabble.com/Re%3A-mysql-connection-through-ssl-tunnel-p20077382.html

--
http://www.boosten.org


Re: Remote ssh tunnel in background or script?

2009-11-09 Thread patrick
Check out /usr/ports/security/autossh

autossh is a program to start a copy of ssh and monitor it, restarting
it as necessary should it die or stop passing traffic.

The original idea and the mechanism were from rstunnel (Reliable SSH
Tunnel). With this version the method changes: autossh uses ssh to
construct a loop of ssh forwardings (one from local to remote, one
from remote to local), and then sends test data that it expects to
get back. (The idea is thanks to Terrence Martin.)

WWW: http://www.harding.motd.ca/autossh/

Patrick


On Mon, Nov 9, 2009 at 10:30 AM, Kevin Kinsey  wrote:
> Greetings!
>
> I have a client who recently dropped static IP service in
> favor of a "cheaper" solution, so they're now on a DHCP network
> blocking port 25, etc.
>
> In order to continue to allow them to connect to an outbound
> SMTP box on the LAN, I've done this on their server:
>
> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox
>
> I've got Sendmail listening there on 52525, and it works
> fine; the local clients are told to connect to "thisbox"
> port 24.  The only issue is that I have to run it from
> a terminal session.  When I tried to bg the process ("cmdstring &")
> it doesn't work, exactly.  I've gotten an error message
> at times*, and at other times I apparently get "thisbox"
> listening on port 24 but it's not an SMTP daemon that's
> listening.
>
> I have a feeling it's cause I'm in csh, which is notorious
> for backgrounding issues.    At any rate, what I'd
> like to do is have a script set up the connection, or
> write some daemon that would monitor the connection and
> fix it if it gets reset.  At any rate, if I could get this
> SSH process to detach from a terminal, it'd be great.
>
> Any suggestions?
>
> Kevin Kinsey
>
> * I'm sorry, but I can't reproduce the error message
> this morning.  IIRC, something to the effect of
> "I can't do nothing, give me a command please?"


Re: Remote ssh tunnel in background or script?

2009-11-09 Thread adrienfirst

Kevin Kinsey wrote:

> Greetings!
>
> I have a client who recently dropped static IP service in
> favor of a "cheaper" solution, so they're now on a DHCP network
> blocking port 25, etc.
>
> In order to continue to allow them to connect to an outbound
> SMTP box on the LAN, I've done this on their server:
>
> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox
>
> I've got Sendmail listening there on 52525, and it works
> fine; the local clients are told to connect to "thisbox"
> port 24.  The only issue is that I have to run it from
> a terminal session.  When I tried to bg the process ("cmdstring &")
> it doesn't work, exactly.  I've gotten an error message
> at times*, and at other times I apparently get "thisbox"
> listening on port 24 but it's not an SMTP daemon that's
> listening.
>
> I have a feeling it's cause I'm in csh, which is notorious
> for backgrounding issues.  At any rate, what I'd
> like to do is have a script set up the connection, or
> write some daemon that would monitor the connection and
> fix it if it gets reset.  At any rate, if I could get this
> SSH process to detach from a terminal, it'd be great.
>
> Any suggestions?
>
> Kevin Kinsey
>
> * I'm sorry, but I can't reproduce the error message
> this morning.  IIRC, something to the effect of
> "I can't do nothing, give me a command please?"


Try screen ( /usr/ports/sysutils/screen )

screen -S   to run the session

Ctrl-a Ctrl-z to get out of this session and let it run in background

screen -r  to return in this session.



