SSH on port 80 or 443 does not work - networking

I'm on a network which blocks all ports except 80 and 443. So, I'm trying to set up my remote machine to listen on port 80 or 443 (obviously done through some other network) but here's what I get:
ssh -i ~/.ssh/google_compute_engine dev@mymachine -p 80
ssh_exchange_identification: Connection closed by remote host
ssh -i ~/.ssh/google_compute_engine dev@mymachine -p 443
ssh_exchange_identification: read: Connection reset by peer
I already edited my /etc/ssh/sshd_config file and added Port 80 and Port 443 under Port 22 and restarted the ssh service as well. What am I missing here?
Also, mymachine is a machine hosted on google cloud compute engine.

Related

Unable to reach Google Compute over port 9000

I have a google compute running CentOS 7, and I wrote up a quick test to try and communicate with it over port 9000 (from my home PC) - but I'm unexpectedly getting network errors.
This happens both with my test script (which attempts to send a payload) and even with plink.exe (which I'm just using to check the port availability).
>plink.exe -v -raw -P 9000 <external_IP>
Connecting to <external_IP> port 9000
Failed to connect to <external_IP>: Network error: Connection refused
Network error: Connection refused
FATAL ERROR: Network error: Connection refused
I've added my external IP to Google's firewall (https://console.cloud.google.com/networking/firewalls) and set it to allow ingress traffic over port 9000 (it's the lowest priority, at 1000).
I also updated firewalld in CentOS to allow TCP traffic over the port:
Redirecting to /bin/systemctl start firewalld.service
[foo@bar ~]$ sudo firewall-cmd --zone=public --add-port=9000/tcp --permanent
success
[foo@bar ~]$ sudo firewall-cmd --reload
success
I've confirmed my listener is running on port 9000
[foo@bar ~]$ netstat -npae | grep 9000
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 1000 18381 1201/python3
By default, CentOS 7 doesn't use iptables (just to be sure, I confirmed it wasn't running)
Am I missing something?
NOTE: Actual external IP replaced with <external_IP> placeholder
Update:
If I nmap my listener over port 9000 from the CentOS 7 compute instance over a local IP, like 127.0.0.1, I get some results. Interestingly, if I make the same nmap call over the server's external IP -- nada. So this has to be a firewall, right?
external call
[foo@bar~]$ nmap <external_IP> -Pn
Starting Nmap 6.40 ( http://nmap.org ) at 2020-05-25 00:33 UTC
Nmap scan report for <external_IP>.bc.googleusercontent.com (<external_IP>)
Host is up (0.00043s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
22/tcp open ssh
3389/tcp closed ms-wbt-server
Nmap done: 1 IP address (1 host up) scanned in 4.87 seconds
Internal Call
[foo@bar~]$ nmap 127.0.0.1 -Pn
Starting Nmap 6.40 ( http://nmap.org ) at 2020-05-25 04:36 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.010s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
9000/tcp open cslistener
Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds
In this case the software running on the backend VM must be listening on any IP (0.0.0.0 or ::); yours is listening on "127.0.0.1:9000" and it should be "0.0.0.0:9000".
The way to fix that is to change the service config to listen on 0.0.0.0 instead of 127.0.0.1.
Cheers.
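The bind-address check described in the answer above, as an added example that is not part of the original post: it classifies each LISTEN row of `netstat -an` output as loopback-only, single-interface or all-interfaces. The sample rows are constructed (modelled on the rows quoted on this page), and the function names are hypothetical.

```python
import ipaddress

# Constructed sample input in `netstat -an` layout: the two LISTEN rows quoted
# on this page plus wildcard, IPv6 and non-listening rows for contrast.
SAMPLE_NETSTAT = """\
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 1000 18381 1201/python3
tcp 0 0 192.168.0.1:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp6 0 0 :::443 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
tcp 0 0 10.128.0.2:51514 203.0.113.7:443 ESTABLISHED
"""

def bind_scope(host):
    """Classify a listen address by which interfaces accept connections."""
    if host == "*":
        return "all-interfaces"
    addr = ipaddress.ip_address(host)
    if addr.is_unspecified:        # 0.0.0.0 or ::
        return "all-interfaces"
    if addr.is_loopback:           # 127.0.0.0/8 or ::1
        return "loopback-only"
    return "single-interface"

def listeners(netstat_text):
    """Yield (port, host, scope) for every TCP row in LISTEN state."""
    for line in netstat_text.splitlines():
        cols = line.split()
        if len(cols) < 6 or not cols[0].startswith("tcp") or cols[5] != "LISTEN":
            continue
        # rpartition splits on the last colon, so IPv6 "::1:25" -> ("::1", "25")
        host, _, port = cols[3].rpartition(":")
        host = host.strip("[]")
        yield int(port), host, bind_scope(host)

def exposed_beyond_loopback(netstat_text, port):
    """True if a listener on `port` is bound beyond loopback.

    A firewall can still block the port; this only checks the bind address.
    """
    return any(p == port and scope != "loopback-only"
               for p, _, scope in listeners(netstat_text))

if __name__ == "__main__":
    for port, host, scope in listeners(SAMPLE_NETSTAT):
        print(f"{port:>5}  {host:<15} {scope}")
```

A loopback-only row explains a "Connection refused" from outside regardless of firewall rules; once a service is rebound to 0.0.0.0, the firewall rule restricting the source IP is the only thing limiting who can reach it.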

apache2 not reachable on its IP from outside

My webserver runs ~ok; I can see that at least locally apache2 is responding to localhost and http://192.168.0.1, but if I try from another machine in the same subnet I can't see it. Of course I can ping/ssh the webserver and the firewall is disabled. From the server, if I try:
netstat -an | grep :80
I get:
tcp 0 0 192.168.0.1:80 0.0.0.0:* LISTEN
and my /etc/hosts just contains:
127.0.0.1 localhost
and I have a standard apache2.conf file. What can be wrong?

How to do port forwarding/tunneling of TCP on Nginx

I am using nginx
nginx version: nginx/1.4.6 (Ubuntu)
I have an app listening for TCP on an IPv4 port other than 80.
How can I proxy/forward from the domain on TCP 80 to this port?
What keywords or nginx configurations should I look for?
Thanks
I think what you need is a reverse proxy.
Here is a great tutorial on how to forward connections from nginx to apache.
This tutorial shows how to forward connections from nginx on port 80 to apache on port 8080.
There are some options:
You can use ssh-forwarding:
plink <ssh user>@<server_ip> -pw <ssh pass> -L 0.0.0.0:<external port>:<target ip in internal network>:<target port in internal network>
Create a VPN, with OpenVPN for example
Check here - https://unix.stackexchange.com/questions/290223/how-to-configure-nginx-as-a-reverse-proxy-for-different-port-numbers

HTTP request to VM

I have a jetty server running under port 8080 on a VM. The VM in turn runs on a remote server under port 10000. Is it legit to address it as http://someremote.org:10000:8080/request? Or should I use SSH somehow?
What I was looking for is called ssh tunneling. You make a tunnel from your port to the remote machine's port like this:
ssh -p 10000 -L 18080:localhost:8080 user@remote.host.org
18080 here is the port that you use on your local machine in order to get to the remote's 8080 port.

Controlling ports on localhost

I am trying to learn socket programming with PHP but quickly ran into binding errors on ports. Now my attention is diverted onto solving port issues. How do I go about fully controlling ports on my machine, and what commands do I use?
sudo netcat -z -vv localhost http
localhost [127.0.0.1] 80 (http): Connection refused
My problem is I get connection refused on port 80,
and when I run a port scan on my iMac I only get
netcat -v -z -n -w 1 127.0.0.1 1-1023
127.0.0.1 88 (kerberos) open
127.0.0.1 548 (afpovertcp) open
127.0.0.1 631 (ipp) open
How do I add port 80 (http) open
to that list?
Any help would be appreciated, thanks.
