FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 01-26-2011, 03:41 AM
Bond
 
Default I need a reverse proxy solution for SSH

Hi here is a situation I have a server in a corporate data center for
a project. I have an SSH access to this machine at port 22.There are
some virtual machines running on this server and then at the back of
every thing many other Operating systems are working. Now Since I am
behind the data centers firewall my supervisor asked me if I can do
some thing by which I can give many people on Internet access to these
virtual machines directly. I know if I were allowed to get traffic on
port other than 22 then I can do a port forwarding. But since I am not
allowed this so what can be a solution in this case. The people who
would like to connect might be complete idiots.Who may be happy just
by opening putty at their machines or may be even filezilla.I have
configured an Apache Reverse Proxy for redirecting the Internet
traffic to the virtual machines on these hosts.But I am not clear as
for SSH what can I do.So is there some thing equivalent to an Apache
Reverse Proxy which can do similar work for SSH in this situation.

I do not have firewall in my hands or any port other than 22 open and
in fact even if I request they wont allow to open.2 times SSH is not
some thing that my supervisor wants.


--
James Bond

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 01-26-2011, 10:16 AM
Mike McGinn
 
Default I need a reverse proxy solution for SSH

On Tuesday, January 25, 2011 23:41:04 Bond wrote:
> Hi here is a situation I have a server in a corporate data center for
> a project. I have an SSH access to this machine at port 22.There are
> some virtual machines running on this server and then at the back of
> every thing many other Operating systems are working. Now Since I am
> behind the data centers firewall my supervisor asked me if I can do
> some thing by which I can give many people on Internet access to these
> virtual machines directly. I know if I were allowed to get traffic on
> port other than 22 then I can do a port forwarding. But since I am not
> allowed this so what can be a solution in this case. The people who
> would like to connect might be complete idiots.Who may be happy just
> by opening putty at their machines or may be even filezilla.I have
> configured an Apache Reverse Proxy for redirecting the Internet
> traffic to the virtual machines on these hosts.But I am not clear as
> for SSH what can I do.So is there some thing equivalent to an Apache
> Reverse Proxy which can do similar work for SSH in this situation.
>
> I do not have firewall in my hands or any port other than 22 open and
> in fact even if I request they wont allow to open.2 times SSH is not
> some thing that my supervisor wants.

Talk to the folks who run the data center. my company has a bunch of servers
in a data center behind a firewall. We use a vpn to get through the firewall.
The keys are easily revoked.

--
Mike McGinn FACOCM
You won't look forward to the trip!
No electrons were harmed in sending this message.
** Registered Linux User 377849

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 01-26-2011, 10:40 PM
Peter Van Hove
 
Default I need a reverse proxy solution for SSH

Hello,

On 26/01/2011 12:16, Mike McGinn wrote:
> On Tuesday, January 25, 2011 23:41:04 Bond wrote:
>> Hi here is a situation I have a server in a corporate data center for
>> a project. I have an SSH access to this machine at port 22.There are
>> some virtual machines running on this server and then at the back of
>> every thing many other Operating systems are working. Now Since I am
>> behind the data centers firewall my supervisor asked me if I can do
>> some thing by which I can give many people on Internet access to these
>> virtual machines directly. I know if I were allowed to get traffic on
>> port other than 22 then I can do a port forwarding. But since I am not
>> allowed this so what can be a solution in this case. The people who
>> would like to connect might be complete idiots.Who may be happy just
>> by opening putty at their machines or may be even filezilla.I have
>> configured an Apache Reverse Proxy for redirecting the Internet
>> traffic to the virtual machines on these hosts.But I am not clear as
>> for SSH what can I do.So is there some thing equivalent to an Apache
>> Reverse Proxy which can do similar work for SSH in this situation.
>>
>> I do not have firewall in my hands or any port other than 22 open and
>> in fact even if I request they wont allow to open.2 times SSH is not
>> some thing that my supervisor wants.
> Talk to the folks who run the data center. my company has a bunch of servers
> in a data center behind a firewall. We use a vpn to get through the firewall.
> The keys are easily revoked.
>
Why would port-forwarding not work?
Looking at what you write about the setup, you have access with SSH to
the Host operating System.
The guest systems run on-top this Host. So I assume the guest and hosts
can talk directly with each other using TCP/IP?

if doing port forwarding on could just say:

ssh -L 2200:vserver1.myinternal.lan:22 vsx.mycompany.com
(Connection 1)
Then:
ssh -p 2200 localhost
(this will connect to vserver1.myinternal.lan on port 22)

other solution is to use Dynamic forwarding:

ssh -D1080 vsx.mycompany.com
You know have a socks5 proxy server running on localhost.

Any connection tot this proxy server will be forwarded to the
vsx.mycompany.com server.
now you can start putty and choose the proxy settings tab where you can
define the socks proxy server.

Kind regards,
Peter Van Hove



--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 06:42 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org