I have a reverse ssh connection established from a remote machine to my local machine - it is established with autossh from the remote machine - I know it is connecting because I can see the two ssh processes on the local machine - and, when I kill the two ssh processes, two new ssh processes are immediately established.
But I cannot login to the port on the local machine. I have tried everything - it simply refuses to connect. This remote machine is miles away and not readily accessible.
Code:
ssh -p 7766 -vvv user@192.168.1.108
OpenSSH_5.1p1 Debian-6ubuntu2, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.1.108 [192.168.1.108] port 7766.
debug1: Connection established.
debug1: identity file /home/guest/.ssh/identity type -1
debug1: identity file /home/guest/.ssh/id_rsa type -1
debug1: identity file /home/guest/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
I'm wondering if there is some way I could utilize netcat or socat to "tap into" this connection from my local machine??? (My ultimate goal would be to get to a shell on the remote machine.)
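An added example (not part of the original posts): a small shell function that reads `ssh -v` output and reports how far the connection got, applied to the log lines quoted above. The function name and stage labels are hypothetical, and the causes named in the comments are the common ones rather than a diagnosis of this particular machine.

```shell
#!/bin/sh
# classify_ssh_debug: read `ssh -v` output on stdin and print how far the
# connection got. Stage labels are this example's own, not OpenSSH terms.
classify_ssh_debug() {
    log=$(cat)
    if ! printf '%s\n' "$log" | grep -q 'Connection established'; then
        # The TCP connect itself failed: nothing is listening on the
        # forwarded port, or a firewall dropped the attempt.
        echo "no-listener"
    elif printf '%s\n' "$log" | grep -q 'Remote protocol version'; then
        # An SSH banner arrived, so the forward reaches a live sshd;
        # any remaining failure is in key exchange or authentication.
        echo "banner-received"
    elif printf '%s\n' "$log" |
         grep -Eq '(ssh|kex)_exchange_identification: Connection closed'; then
        # The listener accepted TCP and hung up before sending a banner.
        # On a forwarded port the tunnel endpoint exists, but its far end
        # could not connect to the target, or the target sshd dropped the
        # connection (for example via hosts.deny or MaxStartups).
        echo "closed-before-banner"
    else
        echo "unknown"
    fi
}

# Constructed sample: the relevant lines from the debug output in the post.
sample_log() {
cat <<'EOF'
debug1: Connecting to 192.168.1.108 [192.168.1.108] port 7766.
debug1: Connection established.
debug1: identity file /home/guest/.ssh/id_rsa type -1
ssh_exchange_identification: Connection closed by remote host
EOF
}

sample_log | classify_ssh_debug
```

A result of `closed-before-banner` points at the far side of the forward rather than at the local listener, which matches the observation that the autossh processes are present and respawn.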
You would need to set that up on the remote machine BEFORE establishing
the SSH connection. SSH simply doesn't give the server a shell on the
client. So regardless if you could somehow "tap into" the connection,
you'd only end up with a shell on the server, the local machine.
In other words:
> have a reverse ssh connection established
What you have is a normal SSH which you wish you could use in
reverse, but you can't.
To set that up BEFORE making the connection, you'd redirect the STDIN
and STDOUT to named pipes, local sockets, fifos, or some other type of IPC.
The idea is that you'd be doing something roughly similar to:
ssh otherbox.com "tail -f </tmp/input" | /bin/bash
That is, on the machine you are connecting to, you'd be telling SSH
to read some file/socket/pipe/fifo, then redirect its output to a local shell.
Most likely, though, to solve your problem you need to forget everything
I just said and everything in your original post. Instead, go back a step
or two and think about what your problem is or what you need to do, as
opposed to the METHOD you've been thinking you want to use. You need to
administer a remote server? How about connecting TO it via SSH rather than
FROM it? A KVM? IPMI? A serial cable connected to another remote machine?
I'm guessing that you can't just ssh from the local machine to the remote, or else you wouldn't be asking this. Perhaps the remote machine is your office desk PC behind your employer's NAT firewall.
I think there is a way to solve this, though I haven't done it. These are the steps that I think would work:
1. Pick an unused port above 1024.
2. Configure sshd on the remote machine to listen to that port (it may listen to multiple ports).
3. Use the DynamicForward configuration item in your ~/.ssh/config file on the remote machine to forward the port you picked.
4. On the local machine, ssh to the remote using the port you forwarded.
This way, you would be opening up a new SSH connection from local to remote, but it is being carried in what is essentially a VPN connection over the other SSH connection.
Thanks very much for your suggestions - I think you've convinced me that even though this connection exists, there is no way to use it as it is now set up.
And yes, it is a situation where the server is behind a wireless network - and I have no control over that network. It would take a 1,200 mile plane ride to fix it. It was working at one point, but I must have done something to cause it to stop accepting ssh connections. It doesn't even give me the opportunity to login - it simply responds as you see in my first post.
Again, you have convinced me that there is no way to fix this without accessing the remote machine. It's just strange that a person is always concerned that someone will hack into his or her machine - in this case I know all the pertinent details about this remote machine - even have an established connection, but yet I am helpless!
I'm assuming you edited that IP and you are not actually trying to
connect to 192.168.1.108? 192.168.1.108 is of course not a remote
IP unless you have a VPN connection to the remote network.
As I mentioned in my first post, the remote machine has established a reverse ssh connection to my local machine.
So I would login to either localhost or the actual ip address of my local machine to access that reverse connection. I have found through research and experimentation that when establishing the reverse connection (from the remote machine) one is better off to specifically designate the ip address of the local machine, rather than using localhost.