LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-06-2010, 02:28 PM   #16
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976

That seems to just suggest you aren't that familiar with stateful tcp connections. If the connection is initiated form the SSH server, then the TCP response will match up and go back the way it came, as long as your firewall is statefully monitoring connections, which is a 99.999% certainty.
 
Old 01-06-2010, 02:42 PM   #17
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,013

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by acid_kewpie View Post
That seems to just suggest you aren't that familiar with stateful tcp connections. If the connection is initiated form the SSH server, then the TCP response will match up and go back the way it came, as long as your firewall is statefully monitoring connections, which is a 99.999% certainty.
But the developer's server might be expecting a request from port 17356.
If it comes in on the SSH server at port 22, how does the SSH server know that it needs to go out and come back in on 17356 especially if those ports are blocked?

Also, do I need a username password to connect to port 22?
I added the connection in ssh putty but it just hangs on connecting.
 
Old 01-06-2010, 04:34 PM   #18
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
well DOES it expect a connection *FROM* port 17356?? It's technically possible, but very very very very unlikely. Why would they??

As in my previous comment, the tunnel settings define explicitly what destination iport to send the traffic to.

And yes, again, you need to log in. Wouldn't it be *massively* insecure if it were possible to reroute traffic via a server which you had not authenticated to whatsoever?? You need to FULLY log in with an SSH session with those additional parameters.
 
Old 01-06-2010, 06:15 PM   #19
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,013

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by acid_kewpie View Post
well DOES it expect a connection *FROM* port 17356?? It's technically possible, but very very very very unlikely. Why would they??

As in my previous comment, the tunnel settings define explicitly what destination iport to send the traffic to.

And yes, again, you need to log in. Wouldn't it be *massively* insecure if it were possible to reroute traffic via a server which you had not authenticated to whatsoever?? You need to FULLY log in with an SSH session with those additional parameters.
Ok, thanks for your patience by the way
So, I have followed this tutorial: http://www.codelathe.com/blog/index....sh-with-putty/

Now...whilst I can connect by SSH and enter a username and password, when I open up the 2nd SSH connection, it always refuses the connection.
Is there an easier way?
Could I somehow use my existing proxy server (only listening on port 80 and 8080) to tunnel all my VPN traffic through (non HTTP)?
 
Old 01-07-2010, 12:53 AM   #20
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
what 2nd connection?? you use one ssh session with multiple tunnels. you can try using something like httptunnel as an alternative, sure.
 
Old 01-07-2010, 03:13 AM   #21
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,013

Original Poster
Rep: Reputation: 30
Was just following that instruction page.
ANyway, I tries it using one putty connection and forwarding port 80 with tunnels set to auto and dynamic.
Made the connection and entered the linux password.
However, when I checked my IP address on Firefox, it still gave me the local IP address rather than the server.
 
Old 01-07-2010, 04:12 AM   #22
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
you can't just randomly choose to use dynamic as opposed to explicitly settings ports, dynamic means it'll be a socks proxy as opposed to a simple tunnel. You didn't say you even set firefox to use that port as a socks proxy in the first place.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH vs VPN maxsanders Linux - Networking 3 08-14-2007 04:22 PM
VPN vs SSH metallica1973 Linux - Security 4 06-06-2007 11:25 AM
SSH -2 as secure as VPN? Lexia Linux - Networking 1 02-23-2007 04:24 PM
VPN, SSH and VNC roofninja Linux - General 2 04-06-2006 02:27 PM
ssh + vpn = right choise? spoody_goon Linux - Networking 7 01-07-2006 03:47 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:56 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration