I want to access machine A which is behind the firewall through a jump host from machine B.
I want to do the same either via ssh keys or via username and password.
What will be the steps and the commands to achieve the same?
The feature is called port forwarding:
ssh -L localport:machine-a-address.domain:remote-port machine-b
Then you can simply use localport on localhost to access the remote service on machine-a, for example:
telnet localhost localport
As per another QA, it's possible to setup a Ubuntu KVM with minimal infrastructure, directly with qemu / kvm alone (without virsh or any some such).
What's missing is the ability to ssh into it. (Using the default serial console is slow and some key bindings don't work, e.g., cannot go to the start of the line with control+A.)
What's the simplest hackish way to bind a single port on the host machine (e.g., 8022) to a given port on the virtualised one (e.g., 22), without setting up extra bridge networks, firewall rules or configuration files?
The simplest non-KVM-specific way I could think of would be to use ssh to ssh from the guest back to the host, with using the -R [bind_address:]port:host:hostport option of ssh, e.g., ssh -R "8022:[::1]:22" guest@10.0.2.2, but then this requires setting up a new user on the host and sharing login credentials between the host and the guest. Is there a simpler way?
P.S. The network on the guest already works, and you can already access the host from the guest, but I couldn't find a way to access the guest from within the host through IP (without setting up complex bridge networks).
The answer appears to be pretty straightforward — as per https://unix.stackexchange.com/questions/124681/how-to-ssh-from-host-to-guest-using-qemu, just add the following to the kvm options, to forward the port 1810 on the host to 22 on the guest:
-net nic -net user,hostfwd=tcp::1810-:22
E.g.,
kvm -m 2048 -smp 2 -hda ubuntu-18.10-server-cloudimg-amd64.img -hdb user-data.img -net nic -net user,hostfwd=tcp::1810-:22 -nographic
Then you can ssh into the machine w/ ssh ubuntu@localhost -p1810.
I am in a situation where I am running my GridServer and Nodes on the cloud and
when I want to access the Grid I use:
http://someip:4444/grid/console
When I want to access the node I use:
http://someip:<nodeport>/wd/hub
I think it's a kind of threat as the IPs are publicly accessible. How can I limit that it shouldn't be opened by external users.
Is there any solution for it?
Selenium is not supporting that.
For that purpose you should make a p2p connection between you and grid.
VPN or ssh tunnel will work. Just forward remote server port to a local port:
ssh user@SERVER -L 4444:127.0.0.1:4444
Now, connecting to a local 4444 port will forward you to the remote address "SERVER". All the connection is secured by ssh login/password now and the traffic is hidden in a secure tunnel.
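An added example, not part of the original answer: the tunnel above only closes the exposure if the hub and nodes stop listening on public interfaces, so this check reads `ss -ltn` output and reports watched ports bound to anything other than loopback. The function name, the node ports 5555 to 5557 and the sample listing are constructed for illustration; only port 4444 comes from the question.

```shell
#!/bin/sh
# Added example: flag Grid listeners that are reachable from outside the host.

# Constructed sample of `ss -ltn` output (not from a real machine):
# hub on all interfaces, two nodes on loopback, one node on a LAN address.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      50                 *:4444            *:*
LISTEN 0      50         127.0.0.1:5555      0.0.0.0:*
LISTEN 0      50             [::1]:5556         [::]:*
LISTEN 0      50          10.0.0.7:5557      0.0.0.0:*'

# exposed_listeners PORT...   (reads `ss -ltn` output on stdin)
# Prints "addr:port" for every watched port bound to a non-loopback address.
exposed_listeners() {
    awk -v ports="$*" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
        $1 == "LISTEN" {
            la = $4                                  # Local Address:Port column
            port = la; sub(/.*:/, "", port)          # text after the last colon
            addr = la; sub(/:[^:]*$/, "", addr)      # text before the last colon
            if (!(port in watch)) next               # not a Grid port
            if (addr ~ /^127\./ || addr == "[::1]") next   # loopback only: fine
            print addr ":" port
        }'
}

# Live use on the Grid host:  ss -ltn | exposed_listeners 4444 <nodeport>
# Demo on the constructed sample:
printf '%s\n' "$SAMPLE_SS" | exposed_listeners 4444 5555 5556 5557
```

An empty result means every watched port is loopback-only, which is the state in which `ssh -L 4444:127.0.0.1:4444` is the only way in.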
This is pretty embarrassing, but I'm completely new to and know nothing about SSH other than that it's used to connect to a server remotely.
I'm given the following information:
HostName somename(from local network) or some.ip.add.ress(for connecting from outside network)
Port 12345
User someusername
identityfile ~/.ssh/someidfile
in case of ssh-ing to server other than somename (above),
ProxyCommand ssh -W %h:%p name@address
So let's say I want to ssh to that server remotely.
Do I need them to make me an account to be able to do so?
Also, supposing that I ssh from the outside network, what would be the exact syntax?
Finally, if someone has installed some application on the server, say xcode, do you get to share the application installed once you ssh to the same server?
I know these sound like dumb questions to most of you, but please help me out.
(I'm working on Maverick btw.)
ssh -i /path/to/identityfile -p 12345 someusername@some.ip.add.ress
should work
It seems that you already have account.
No. You cannot share application via SSH
I have Meteor running on a local virtual machine on Windows which is accessible using the IP address of 192.168.56.111
When I use Robomongo, I use this IP address and point it to port 3001 and I am unable to connect.
Should I expect it to connect? If not, is there anything I need to do to get it to connect?
Setup SSH server on Windows and then simply create SSH tunnel:
ssh -L27018:192.168.56.111:3001 user@host
After that open Robomongo and connect to localhost:27018. That's it!
This technique I'm using successfully to connect to production database.
With meteor the database that runs is bound to 127.0.0.1, so it will not be accessible on other IPs. I think this was done for a security reason, though not sure.
You should use the local IP/127.0.0.1 instead of 192.168.56.11.
I got access via SSH (root access) to a Machine that's inside a network at my client's office.
I'm programming in my computer a PHP application that needs to integrate to LDAP. The LDAP server is in another server at my client's network and not accessible from outside, however I can perfectly access it via the server I can connect to via SSH.
My question is: Is there any way I can make a tunnel and setup a port in my computer to get the traffic forwarded to the LDAP server using my SSH connection to one of the computers on the network?
Thanks!!!!
Yes, ssh has a "-L" option to create a tunnel. That option takes 3 parameters, separated by colons (:). Local listen port, remote host, remote port.
ssh -L 9999:ldapserver:389 user@otherhost
Where 9999 is the local port that the tunnel will be created on. The ldapserver:389 bit tells it where to connect to on the other side.
Then, tell your application to connect to localhost:9999 (or whatever port you choose) and it will be tunneled across.
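An added example, not part of the original answer: it goes beyond the three-field form and parses the full `[bind_address:]port:host:hostport` syntax from ssh(1), reporting where the local end of a `-L` forward will listen, since a four-field spec with an empty, `*` or `0.0.0.0` bind address opens the tunnel to other machines. The function name `forward_scope` and its result labels are constructed for illustration, and the three-field result assumes the default `GatewayPorts no` without `-g`.

```shell
#!/bin/sh
# Added example: classify where an `ssh -L` forward will listen.
# Spec format from ssh(1): [bind_address:]port:host:hostport

# forward_scope SPEC
# Prints loopback-default | loopback | all-interfaces | address:<addr> | invalid
forward_scope() {
    printf '%s\n' "$1" | awk '{
        s = $0; n = 0
        while (length(s) > 0) {
            if (substr(s, 1, 1) == "[") {        # bracketed IPv6 literal, e.g. [::1]
                e = index(s, "]")
                if (e == 0) { print "invalid"; exit }
                f[++n] = substr(s, 1, e); s = substr(s, e + 1)
            } else {                             # plain field up to the next colon
                e = index(s, ":"); if (e == 0) e = length(s) + 1
                f[++n] = substr(s, 1, e - 1); s = substr(s, e)
            }
            if (substr(s, 1, 1) == ":") s = substr(s, 2)   # drop the separator
        }
        if (n == 3) { print "loopback-default"; exit }     # no bind address given
        if (n != 4) { print "invalid"; exit }
        b = f[1]                                           # explicit bind address
        if (b == "" || b == "*" || b == "0.0.0.0" || b == "[::]") print "all-interfaces"
        else if (b == "localhost" || b ~ /^127\./ || b == "[::1]") print "loopback"
        else print "address:" b
    }'
}

# Specs taken from this page, plus constructed variants with a bind address.
for spec in "9999:ldapserver:389" "4444:127.0.0.1:4444" \
            "0.0.0.0:9999:ldapserver:389" ":9999:ldapserver:389"; do
    printf '%-32s %s\n' "$spec" "$(forward_scope "$spec")"
done
```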