LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 02-28-2010, 03:38 PM   #1
wgcampbell
LQ Newbie
 
Registered: Jan 2009
Posts: 7

Rep: Reputation: 0
netcat or socat expert needed


I have a reverse ssh connection established from a remote machine to my local machine - it is established with autossh from the remote machine - I know it is connecting because I can see the two ssh processes on the local machine - and, when I kill the two ssh processes, two new ssh processes are immediately established.

But I cannot login to the port on the local machine. I have tried everything - it simply refuses to connect. This remote machine is miles away and not readily accessible.

Code:
ssh -p 7766 -vvv user[at_sign]192.168.1.108
OpenSSH_5.1p1 Debian-6ubuntu2, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.1.108 [192.168.1.108] port 7766.
debug1: Connection established.
debug1: identity file /home/guest/.ssh/identity type -1
debug1: identity file /home/guest/.ssh/id_rsa type -1
debug1: identity file /home/guest/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
I'm wondering if there is some way I could utilize netcat or socat to "tap into" this connection from my local machine??? (My ultimate goal would be to get to a shell on the remote machine.)
 
Old 03-01-2010, 01:21 AM   #2
raymor
Member
 
Registered: Nov 2005
Posts: 59

Rep: Reputation: 20
You would need to set that up on the remote machine BEFORE establishing
the SSH connection. SSH simply doesn't give the server a shell on the
client. So regardless if you could somehow "tap into" the connection,
you'd only end up with a shell on the sever, the local machine.
In other words:

> have a reverse ssh connection established

What you have is a normal SSH which you wish you could use in
reverse, but you can't.

To set that up BEFORE making the connection, you'd redirect the STDIN
and STDOUT to named pipes, local sockets, fifos, or some other type of IPC.
The idea is that you'd be doing something roughly similar too:

ssh otherbox.com "tail -f </tmp/input" >/bin/bash

That is, on the machine you are connectiong to, you'd be telling SSH
to read some file/socket/pipe/fifo, then redirect it's output to a local shell.

Most likely, though, to tolve your problem you need to forget everything
I just said and everything in your original post. Instead, go back a step
or two and think about what your problem is or what you need to do, as
opposed to the METHOD you've been thinking you want to use. You need to
admister a remote server/ How about connecting TO it via SSH rather than
FROM it? A KVM? IPMI? A serial ca ble connected to another remote machine?
 
1 members found this post helpful.
Old 03-01-2010, 06:21 AM   #3
KenJackson
Member
 
Registered: Jul 2006
Location: Maryland, USA
Distribution: Fedora, Arch
Posts: 572

Rep: Reputation: 64
I'm guessing that you can't just ssh from the local machine to the remote, or else you wouldn't be asking this. Perhaps the remote machine is your office desk PC behind your employer's NAT firewall.

I think there is a way to solve this, though I haven't done it. These are the steps that I think would work:
  • Pick an unused port above 1024.
  • Configure sshd on the remote machine to listen to that port (it may listen to multiple ports).
  • Use the DynamicForward configuration item in you ~/.ssh/config file on the remote machine to forward the port you picked.
  • On the local machine, ssh to the remote using the port you forwarded.
This way, you would be opening up a new SSH connection from local to remote, but it is being carried in what is essentially a VPN connection over the other SSH connection.

If it works let us know.
 
1 members found this post helpful.
Old 03-01-2010, 10:14 AM   #4
wgcampbell
LQ Newbie
 
Registered: Jan 2009
Posts: 7

Original Poster
Rep: Reputation: 0
Ray & Ken -

Thanks very much for your suggestions - I think you've convinced me that even though this connection exists, there is no way to use it as it is now set up.

And yes, it is a situation where the server is behind a wireless network - and I have no control over that network. It would take a 1,200 mile plane ride to fix it. It working working at one point, but I must have done something to cause it to stop accepting ssh connections. It doesn't even give me the opportunity to login - it simply responds as you see in my first post.

Again, you have convinced me that there is no way to fix this without accessing the remote machine. It's just strange that a person is always concerned that someone will hack into his or her machine - in this case I know all the pertinent details about this remote machine - even have an established connection, but yet I am helpless!
 
Old 03-01-2010, 11:07 AM   #5
raymor
Member
 
Registered: Nov 2005
Posts: 59

Rep: Reputation: 20
Quote:
Originally Posted by wgcampbell View Post
[CODE]ssh -p 7766 -vvv user[at_sign]192.168.1.108
I'm assuming you edited that IP and you are not actually trying to
connect to 192.168.1.108? 192.168.1.108 is of course not a remote
IP unless you have a VPN connection to the remote network.
 
Old 03-01-2010, 01:39 PM   #6
wgcampbell
LQ Newbie
 
Registered: Jan 2009
Posts: 7

Original Poster
Rep: Reputation: 0
Ray -

As I mentioned in my first post, the remote machine has established a reverse ssh connection to my local machine.

So I would login to either localhost or the actual ip address of my local machine to access that reverse connection. I have found through research and experimentation that when establishing the reverse connection (from the remote machine) one is better off to specifically designate the ip address of the local machine, rather than using localhost.

I hope that makes sense??
 
  


Reply

Tags
netcat, reverse, ssh, tunnel


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba expert needed! martinlangley Linux - Networking 6 06-11-2009 01:31 PM
lm_sensors expert needed! Fezar Linux - Newbie 5 03-19-2007 04:17 PM
expert help needed with bash and bc karistouf Programming 5 06-22-2005 01:55 AM
bash expert help needed illtbagu Programming 15 10-05-2004 09:15 PM
Expert help with iptables needed k1mgy Linux - Networking 2 08-01-2004 08:21 AM


All times are GMT -5. The time now is 01:09 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration