Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
The access to remote server is working. Our problem is that we want to have the tunnel persistent. Starting on server start and reconnecting if disconnected. But im not sure how to do that.
there would be also another point of being able to use the tunnel by accessing another machine which establishes the tunnel to the other side.
Murdock: Yes, the SOCKS way would also work fine (I use this to get round the corporate firewall at work).
ghostwriter: For this to work, you'll need to set up passwordless keys for local -> remote connections.
Once that's done, run ssh in a loop, like:
Code:
while true
do
ssh -L 8000:localhost:80 username@webserver
done
If the connection drops, ssh *should* return, and another instance of ssh will be launched. If there's passwordless keys, then the whole process can go on without any supervision.
If the -L switch redirects data from port 8000 to port 80 at localhost (of the remote ssh server), then I would imagine that redirecting it to the IP of the webserver would have the same effect.
However, I will say that although this may return the proper website, I think, since the data is only encrypted until it reaches the ssh server and once the data is redirected to the internet IP of the server (although it is actually the IP of the server itself!) the data is not anymore encrypted. Using localhost:80 would solve this problem by only letting any data go as far as the loopback (ie. not outside the server itself).
ilikejam:
Although the -D does return the proper web pages, as I mentioned to ghostwriter78, I don't think the data is encrypted once it leaves the ssh server, which means that the data is only encoded until it is redirected to the server's internet IP. Accordingly, using your original method of localhost:80 would ensure that the data does not leave the ssh server, but is just redirected locally in the computer itself to the Apache server.
Does my conclusion make sense?
Thanks!
Murdock
Last edited by Murdock1979; 10-29-2007 at 02:14 PM.
The reason 'localhost' is used is because the remote side may not resolve 'webserver' as itself, but will almost always resolve localhost as being the local machine. This is especially true when traversing into other networks. For example, none of the machines inside my NATed home network know the aliases that point to the gateway IP from outside.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.