Is there a way to use PuTTY SSH to create a VPN connection to my Linux server so that I can connect my Windows XP laptop through my Linux box's IP?
I've tried installing all the usual OpenVPN freebies and they are not working, or users on the sites have little troubleshooting experience with them, so we are both stuck.
I just need a simple 1 to 1 user solution for the moment.
You'll never get an actual VPN, but you can do port forwarding over SSH just fine, either statically, or using a socks proxy. With a socks proxy setting any client tool which can use a socks proxy can implicitly connect anywhere that that remote point can reach.
If you want to connect to XP through a Linux machine, you can simply use "rdesktop"; no need to search for extra software or tools, it's installed with a normal installation of Linux.
You can allow forward ports on your SSH server and use PuTTY to create a tunnel to your laptop's ports.
Lots of easy howtos are there if you just google for "putty ssh tunnel", like http://people.hmdc.harvard.edu/~mathpre/vnc/putty/ , and many others. I use PuTTY SSH tunneling when connecting to my home server to access VNC, as I don't allow it to listen on an external address; it is bound to 127.0.0.1.
It's more that I want to run software on my Windows laptop but tunnel it through the Linux server so that instead of having the WAN IP, I get the specific IP address of the Linux box...
rdesktop sounds like a remote desktop connection?
Do I need to know every port running on my laptop to tunnel it through to the linux box?
I really only wanted to open one port on the server for security as the box is already used as a proxy server.
Only the ports that are relevant, but if the only reason is to reach a web proxy, then the SOCKS option might suit you better, avoiding the need for the dedicated proxy completely.
Well, the web proxy serves clients for website requests.
I just want to utilise the server for a temporary connection myself but for 1 bit of software on my computer. I can't be sure what ports it uses though or whether it opens new ones as needed.
This client doesn't have anywhere to set proxy or SOCKS proxy settings sadly.
Ok, so this program uses ports 17326, 17325, 443, and 80.
So I need to create a tunnel for all those ports and open those ports on the server if not already open?
What if port 80 and 443 are already being used on the server by the proxy?
On a separate note, I used this proxy server before but had a problem with video site using Flash's new RTMP on port (I think) 1935. This is because the browser would route everything through port 80 and proxy settings yet 1935 went to a direct connection rather than through the proxy. Could I re-tunnel that back through the proxy using SSH?
Right, so yes, you'd need 4 tunnels if those details are correct. It doesn't matter what ports are being used on the remote machine, it's the loopback interface on the local one which they bind to.
So, I could open port 2000 on the server.
Then I forward those 4 ports on my local computer through SSH to the server and all traffic is now running through those ports.
Problem is do I need those 4 ports open on the outgoing firewall on the server?
ie
Normal connection: client to software developer's server 80, 443, 17326, 17325
SSH connection: client to Linux on 80, 443, 17326, 17325.
Linux now needs to connect to the software developer's server, it can't do that all through port 2000 can it?
I tried this with port 80, but when SSH connected to the server, it just hung.
Do I need to use a username and password as well?
No, the point is that the only port you need for the tunnel is 22; the other ports are only used within the client machine and then passed over port 22 and out to their destination at the server side. Of course you need to have a functional SSH session running in order to bind the ports at the remote server end. What is required of the network after it leaves the SSH tunnel is none of SSH's business. I don't understand where port 2000 comes into the equation at all.
Does it need a username and password to connect?
I can't seem to enter that in putty.
2000 was just an assigned port instead of using 22 for SSH to listen to.
Sorry, what I meant was that if my local 17326 port gets sent to the server on port 22, then out to the developer's server. The developer's server will be expecting a connection from port 17326 and also reply on that port but the Linux server has port 17326 closed.
From port 17326? No, the destination is whatever you tell PuTTY to redirect to, e.g. you'd map 1234:23.45.67.89:6789, meaning that connections hitting 1234 on the local machine will go down the SSH tunnel, and be sent on to 23.45.67.89:6789 when they emerge on the SSH server.
Last edited by acid_kewpie; 01-06-2010 at 11:03 AM.
Yes, but then the SSH server sends it on to 89.111.222.34 and expects a reply on the same port?
Let's assume MSN runs on port 234.
I route 234 to the SSH server on port 22.
The SSH server has outgoing port 234 open so it routes the connection on 234 to Microsoft. Microsoft reply on port 234 but it can't because the incoming port 234 is blocked on the SSH server.
Is that how it works? Because if so, then I need to open all related ports.
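Added example, not part of any post in this thread: a loopback-only simulation of the 1234:23.45.67.89:6789 mapping described above, showing which source port the destination actually sees and how the reply gets back. No SSH is involved; plain TCP sockets on 127.0.0.1 stand in for the forwarded port, the far end of the tunnel and the destination server, and all function names are assumptions of this example.

```python
import socket
import threading

def listen_loopback():
    """Listening TCP socket on 127.0.0.1; port 0 lets the OS pick a free port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    s.listen(1)
    return s

def serve_once(listener, handler):
    """Accept a single connection in a background thread and pass it to handler."""
    def run():
        conn, peer = listener.accept()
        with conn:
            handler(conn, peer)
    threading.Thread(target=run, daemon=True).start()

def demo_forward(payload=b"hello"):
    seen = {}
    # Constructed stand-in for the final destination (23.45.67.89:6789 in the post).
    dest = listen_loopback()
    dest_port = dest.getsockname()[1]
    def dest_handler(conn, peer):
        seen["src"] = peer[1]  # source port of the connection that arrived
        conn.sendall(b"reply:" + conn.recv(1024))
    serve_once(dest, dest_handler)

    # Constructed stand-in for the forwarded port (1234 in the post) and the far end.
    fwd = listen_loopback()
    fwd_port = fwd.getsockname()[1]
    def fwd_handler(conn, peer):
        # Far end of the tunnel: a NEW outbound TCP connection to the destination.
        with socket.create_connection(("127.0.0.1", dest_port)) as out:
            out.sendall(conn.recv(1024))
            conn.sendall(out.recv(1024))  # the reply returns on that same connection
    serve_once(fwd, fwd_handler)

    with socket.create_connection(("127.0.0.1", fwd_port), timeout=5) as client:
        client.sendall(payload)
        reply = client.recv(1024)
    dest.close()
    fwd.close()
    return {"forward_port": fwd_port, "dest_port": dest_port,
            "source_port_seen_by_dest": seen["src"], "reply": reply}

if __name__ == "__main__":
    print(demo_forward())
```

The destination sees an OS-assigned ephemeral source port, not the forwarded port number, and its reply travels back over the outbound connection the forwarder opened rather than to a listening port on the forwarding host.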