Slackware This Forum is for the discussion of Slackware Linux.
07-13-2014, 04:16 PM
|
#1
|
Member
Registered: Oct 2009
Location: St. Louis, MO, USA
Distribution: Slackware64 Live
Posts: 315
Rep:
|
IPTables, allow ssh tunneling?
I have a server out on the internet with Slackware 14.1. I set up the ssh security as per this URL:
http://docs.slackware.com/howtos:security:ssh
I'd like to modify the part about ssh_hide so it will allow ssh tunneling on a specific port. How would I do that?
When I disable the ssh_hide script, I can easily do tunneling on the port I would like, but when in use, I cannot. What do I need to modify to allow ssh tunneling on a specific port?
|
|
|
07-13-2014, 06:16 PM
|
#2
|
LQ Guru
Registered: Mar 2004
Distribution: Slackware
Posts: 6,858
|
You can't access the server on ports 99, 88 or 8889?
|
|
|
07-13-2014, 07:19 PM
|
#3
|
Member
Registered: Oct 2009
Location: St. Louis, MO, USA
Distribution: Slackware64 Live
Posts: 315
Original Poster
Rep:
|
Quote:
Originally Posted by keefaz
You can't access the server on ports 99, 88 or 8889?
|
I can, but I can't use tunneling; it denies access.
|
|
|
07-13-2014, 08:08 PM
|
#4
|
LQ Guru
Registered: Jul 2011
Location: California
Distribution: Slackware64-15.0 Multilib
Posts: 6,584
|
Check sshd_config for the tunneling option, you may have to enable it there and then restart the service.
|
|
|
07-13-2014, 09:48 PM
|
#5
|
Member
Registered: Oct 2009
Location: St. Louis, MO, USA
Distribution: Slackware64 Live
Posts: 315
Original Poster
Rep:
|
Quote:
Originally Posted by ReaperX7
Check sshd_config for the tunneling option, you may have to enable it there and then restart the service.
|
If I remove the ssh_hide file, and remove the reference from rc.local, it works as it should. If I re-enable that file and code, tunneling stops. I can still connect via ssh, but I can't tunnel, it doesn't allow me to connect at all. It is denied.
|
|
|
07-14-2014, 04:00 AM
|
#6
|
LQ Guru
Registered: Mar 2004
Distribution: Slackware
Posts: 6,858
|
Could you post an example of the ssh command you use for tunnelling?
|
|
|
07-14-2014, 08:24 AM
|
#7
|
Member
Registered: Oct 2009
Location: St. Louis, MO, USA
Distribution: Slackware64 Live
Posts: 315
Original Poster
Rep:
|
Quote:
Originally Posted by keefaz
Could you post an example of the ssh command you use for tunnelling?
|
ssh -D 1080 username@123.456.789.012
|
|
|
07-14-2014, 12:54 PM
|
#8
|
LQ Guru
Registered: Mar 2004
Distribution: Slackware
Posts: 6,858
|
Did you try adding the destination port, e.g.:
ssh -D 1080 username@123.456.789.012:8889
|
|
|
07-14-2014, 03:12 PM
|
#9
|
Member
Registered: Oct 2009
Location: St. Louis, MO, USA
Distribution: Slackware64 Live
Posts: 315
Original Poster
Rep:
|
Quote:
Originally Posted by keefaz
Did you try adding the destination port, e.g.:
ssh -D 1080 username@123.456.789.012:8889
|
When I try that, I get...
"ssh: Could not resolve hostname 123.456.789.012:1080: Name or service not known"
If I try it without the :1080 I get...
"ssh: connect to host 123.456.789.012 port 22: Connection refused"
If I use "ssh -p 1080 username@123.456.789.012", I connect.
Last edited by JamesGT; 07-14-2014 at 03:27 PM.
|
|
|
07-14-2014, 04:38 PM
|
#10
|
Moderator
Registered: Aug 2002
Posts: 26,926
|
Quote:
ssh -D 1080 username@123.456.789.012:8889
|
Wrong syntax. If you use a port other than 22 (default) then you need to use the -p switch (or set the value in the ~/.ssh/config file).
The firewall rules in the posted how-to basically forward ssh traffic from port 8889 to 22, so you need to use the syntax:
ssh -p 8889 username@xxx.xxx.xxx.xxx
Since 1080 works did you modify the script to use 1080 instead of 8889? If you want to use dynamic tunnelling then:
ssh -D xxxx -p 8889 username@xxx.xxx.xxx.xxx
|
|
1 members found this post helpful.
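The -p plus -D combination from the answer above, written as a client-side ~/.ssh/config entry (an added example, not part of the original post). The alias slackbox and the address 203.0.113.10 are placeholders; 8889 and 1080 are the ports used in the thread.

```sshconfig
# ~/.ssh/config on the client. "slackbox" and 203.0.113.10 are placeholders.
Host slackbox
    HostName 203.0.113.10
    User username

    # Same as "-p 8889": the how-to's firewall rules forward 8889 to sshd
    # on 22, and a direct connection to port 22 is refused.
    Port 8889

    # Same as "-D 1080": a local SOCKS proxy. Binding it to 127.0.0.1 keeps
    # other machines on the client's network from using the tunnel.
    DynamicForward 127.0.0.1:1080

    # Abort instead of connecting without the proxy if local port 1080
    # is already in use.
    ExitOnForwardFailure yes

    # Notice a dead tunnel after roughly 90 seconds of silence.
    ServerAliveInterval 30
    ServerAliveCountMax 3
```

With this entry in place, `ssh -N slackbox` opens the tunnel without starting a remote shell, and `ssh -G slackbox` prints the options the client resolved for that alias.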
|
07-14-2014, 06:51 PM
|
#11
|
Member
Registered: Oct 2009
Location: St. Louis, MO, USA
Distribution: Slackware64 Live
Posts: 315
Original Poster
Rep:
|
Quote:
Originally Posted by michaelk
|
Worked as it should! Sweet! Thank you very much!
James
|
|
|
All times are GMT -5. The time now is 05:47 AM.