I logged in to a HPC using:
ssh -p 2222 user#hpc.edu
and then started Jupyter notebook using:
jupyter notebook --no-browser --port=9999
I got a url:
http://localhost:9999/?token=0518475c55eaafb82abce7d2d5344b48174012
Then I tried to access the Jupyter notebook remotely using my computer:
ssh -p 2222 user#hpc.edu -L 9999:localhost:9999 -N
The connection is refused after taking a long time:
channel 2: open failed: connect failed: Connection refused
I remember earlier being able to access the notebook by not putting
-p 2222
in the ssh command anywhere. But now I have to do it to ssh remotely. Is there any other change of command needed to access the jupyter notebook remotely?
EDIT:
I added -v -v to the command that I executed on my computer. Here is what it says:
password: debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 0 debug1: Authentication succeeded (keyboard-interactive). Authenticated to bridges.psc.edu ([128.182.108.57]:2222). debug1: Local connections to LOCALHOST:9999 forwarded to remote address localhost:9999 debug1: Local forwarding listening on ::1 port 9999. debug2: fd 4 setting O_NONBLOCK debug1: channel 0: new [port listener] debug1: Local forwarding listening on
127.0.0.1 port 9999. debug2: fd 5 setting O_NONBLOCK debug1: channel 1: new [port listener] debug2: fd 3 setting TCP_NODELAY debug1: Requesting no-more-sessions#openssh.com debug1: Entering interactive session. debug1: pledge: network debug1: client_input_global_request: rtype keepalive#openssh.com want_reply 1 debug1: Connection to port 9999 forwarding to localhost port 9999 requested. debug2: fd 6 setting TCP_NODELAY debug2: fd 6 setting O_NONBLOCK debug1: channel 2: new [direct-tcpip] channel 2: open failed: connect failed: Connection refused debug2: channel 2: zombie debug2: channel 2: garbage collecting debug1: channel 2: free: direct-tcpip: listening port 9999 for localhost port 9999, connect from 127.0.0.1 port 54542 to
127.0.0.1 port 9999, nchannels 3 debug1: Connection to port 9999 forwarding to localhost port 9999 requested. debug2: fd 6 setting TCP_NODELAY debug2: fd 6 setting O_NONBLOCK debug1: channel 2: new [direct-tcpip] channel 2: open failed: connect failed: Connection refused
I had tried to follow this:
http://ipyrad.readthedocs.io/HPC_Tunnel.html
This one works for me. First, start Jupyter from your server using:
jupyter notebook --no-browser --port=7002
Then from your local machine, you can tunnel to Jupyter using the following code
ssh -N -f -L localhost:7001:localhost:7002 user#hpc.edu
Now you can access the Jupyter from your local machine by browsing localhost:7001
More details can be found here: here
Related
I've deployed a simple Clojure web app to Jelastic in a Tomcat container. The Clojure app starts a REPL on port 7001. I have Jelastic SSH Gate set up and working. I SSH into the tomcat node with port forwarding by running this in the terminal on my local machine (where XXX are numbers):
ssh -L 7001:localhost:7001 XXXXX-XXXX#gate.paas.massivegrid.com -p 3022 -N -vv
Then on my local machine I run
lein repl :connect 7001
On the local machine I see:
Connecting to nREPL at 127.0.0.1:7001
ConnectException Connection refused (Connection refused)
On the tomcat node terminal window I see
debug1: Connection to port 7001 forwarding to localhost port 7001 requested.
debug2: fd 10 setting TCP_NODELAY
debug1: channel 2: new [direct-tcpip]
channel 2: open failed: connect failed: Connection refused
debug2: channel 2: zombie
debug2: channel 2: garbage collecting
debug1: channel 2: free: direct-tcpip: listening port 7001 for localhost port 7001, connect from 127.0.0.1 port 57311 to 127.0.0.1 port 7001, nchannels 3
What am I doing wrong? Is this something to do with the way that Jelastic manages ports?
=====================
EDIT: Actually port forwarding works fine
The problem was with the app.
For reference, here's how to check that port forwarding is working on Jelastic. The Jelastic node doesn't have netcat installed so you can't just run netcat -l 7001. However, it does have perl installed, so you can write a perl script to create a listener socket and then run that script on the Jelastic server:
(EDIT 2019_04_06: Instead of using perl script below, just use python -m SimpleHTTPServer 7001 - see comments)
use IO::Socket::INET;
# auto-flush on socket
$| = 1;
# creating a listening socket
my $socket = new IO::Socket::INET (
LocalHost => '0.0.0.0',
LocalPort => '7001',
Proto => 'tcp',
Listen => 5,
Reuse => 1
);
die "cannot create socket $!\n" unless $socket;
print "server waiting for client connection on port 7777\n";
while(1)
{
# waiting for a new client connection
my $client_socket = $socket->accept();
# get information about a newly connected client
my $client_address = $client_socket->peerhost();
my $client_port = $client_socket->peerport();
print "connection from $client_address:$client_port\n";
# read up to 1024 characters from the connected client
my $data = "";
$client_socket->recv($data, 1024);
print "received data: $data\n";
# write response data to the connected client
$data = "ok";
$client_socket->send($data);
# notify client that response has been sent
shutdown($client_socket, 1);
}
$socket->close();
(script from here).
Use nano to write the above into a script listener.pl on the Jelastic node then run perl listener.pl on that node.
On your local machine run
ssh -L 7001:localhost:7001 XXXXX-XXXX#gate.paas.massivegrid.com -p 3022
Then on local machine try curl localhost:7001 and in the terminal for the Jelastic node you should see something like
received data: GET / HTTP/1.1
Host: localhost:7777
User-Agent: curl/7.54.0
Accept: */*
Scenario...
WiFi Network home = Can connect with my Digital Ocean servers fine via SSH;
WiFi Network work = Can't connect with my Digital Ocean servers via SSH;
WiFi Network work SSH debug:
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx] port 22.
debug1: connect to address xxx.xxx.xxx.xxx port 22: Connection timed out
ssh: connect to host xxx.xxx.xxx.xxx port 22: Connection timed out
Anyone?
Try to check with nc
nc -zvw4 your_host 22
If not open - probably 22 port not allowed in your network, you can ask your network administrator about it
on your server make forward from 443 to 22 via iptables, for example:
iptables -t nat -I PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 22
I have a virtual machine located inside a private network.
So firstly, I should come in server.com and then come in my-machine.
I want to make ssh-tunnel from my laptop to my-machine.
ssh -v -A -nNT -L 40000:127.0.0.1:40000 login#server.com ssh -v -nNT -L 40000:127.0.0.1:40000 my-machine &
Now I want to test ssh-tunnel with netcat.
I run at my-machine:
nc -l 40000
At my laptop:
~ ❯❯❯ nc 127.0.0.1 40000
But it gives me:
debug1: Connection to port 40000 forwarding to 127.0.0.1 port 40000 requested.
debug1: channel 2: new [direct-tcpip]
channel 2: open failed: connect failed: Connection refused
debug1: channel 2: free: direct-tcpip: listening port 40000 for 127.0.0.1 port 40000, connect from 127.0.0.1 port 49692 to 127.0.0.1 port 40000, nchannels 3
Why this happen and how to fix it? I expected that anything I type in my laptop console will appear in my-machine console.
What last string means? Especially 127.0.0.1 port 49692 why this port is used? I never type it.
debug1: channel 2: free: direct-tcpip: listening port 40000 for 127.0.0.1 port 40000, connect from 127.0.0.1 port 49692 to 127.0.0.1 port 40000, nchannels 3
Every TCP connection is point to point needs two pairs of IP addresses and ports. Reading all the message (not just the part you showed):
connect from 127.0.0.1 port 49692
So indeed you are connecting to the port 40000, but you are connecting from port 49692 (randomly assigned for your netcat or some of the forwarded steps).
How to fix this problem?
This double-jump forwarding does not work, because you need the second established before the first one.
Also you are using -N switch for the first command, which is preventing running the second ssh command.
But I would give it a shot with ProxyCommand, which will make you connect to the destination with single command directly from your host:
ssh -v -nNT -L 40000:127.0.0.1:40000 \
-oProxyCommand="ssh -W %h:%p login#server.com" my-machine &
I'm a newbie with everything network related and i want to access a remote client through another server (tunnel),
say for example a remote client 11.11.111.111 with username user2 and password2 , and a tunnel through 11.11.10.01 with username user1 and password1
I can ping successfully the adress tunnel address.
but when i try to access the remote client using cygwin :
ssh -vv -o 'ProxyCommand ssh -vv user1#11.11.10.01 nc %h %p' user2#11.11.111.111
I get this error :
OpenSSH_6.4, OpenSSL 1.0.1f 6 Jan 2014
debug2: ssh_connect: needpriv 0
debug1: Executing proxy command: exec ssh -vv user1#11.11.10.01 nc 11.11.111.111 22
debug1: permanently_drop_suid: 146765
debug1: identity file /home/user1/.ssh/id_rsa type -1
debug1: identity file /home/user1/.ssh/id_rsa-cert type -1
debug1: identity file /home/user1/.ssh/id_dsa type -1
debug1: identity file /home/user1/.ssh/id_dsa-cert type -1
debug1: identity file /home/user1/.ssh/id_ecdsa type -1
debug1: identity file /home/user1/.ssh/id_ecdsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.4
OpenSSH_6.4, OpenSSL 1.0.1f 6 Jan 2014
debug2: ssh_connect: needpriv 0
debug1: Connecting to 11.11.10.01 [11.11.10.01] port 22.
debug1: connect to address 11.11.10.01 port 22: Connection timed out
ssh: connect to host 11.11.10.01 port 22: Connection timed out
ssh_exchange_identification: Connection closed by remote host
Is my command correct, any ideas on possible causes ?
are there ways i can troubleshoot (preferbly on my machine and not on server and remote client) ?
I believe it is just a partial answer but try connecting with ssh to 11.11.10.01 with:
ssh user1#11.11.10.01 -L20022:11.11.111.111:22
and then in another window connect via:
ssh user2#127.0.0.1 -p20022
In such way you will get your error in the first terminal window.
I am trying to establish a ssh connection with another machine with a port which is already occupied by some other resource
The SSH is not getting timed out
> ssh -v -p 8080 10.10.10.10
OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.10.10.10 [ 10.10.10.10 ]
debug1: fd 3 clearing O_NONBLOCK
debug1: Connection established
debug1: identify file /home/abc/.ssh/identity type -1
debug1: identify file /home/abc/.ssh/id_rsa type -1
debug1: identify file /home/abc/.ssh/id_dsa type 2
debug1: ssh_exchange_identification :
debug1: ssh_exchange_identification : \022\\[
debug1: ssh_exchange_identification : \022\\Z
debug1: ssh_exchange_identification : \022\\[
debug1: ssh_exchange_identification : \022\\Z
debug1: ssh_exchange_identification : \022\\[
Machine 10.10.10.10 is up and running properly . Port 8080 already occupied by some other resource . The above logs are not ending . Its not getting timed out.
I tried adding with the parameter ConnectTimeout , but no change in the behaviour .
I am expecting some message this
ssh -v -p 77 10.10.10.10
OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.10.10.10 [ 10.10.10.10 ] port 77.
debug1: connect to address 10.10.10.10 port 77 : Connection refused
>
Why this behavior of SSH. Please help ..
You get that Connection refused only, when there is no program listening on port 77. The program listening on that port is waiting for connections, but it can't understand what ssh is sending (i.e. the ssh protocol).