
ssh tunneling problem


dnoland


I am trying to configure synergy to run over ssh to secure it... but I have very little experience tunneling with ssh.

 

In order to solve this problem I need to ssh over port 24800, like so

 

ssh -L 24800:remote-host:24800

 

I made very sure that I am correctly forwarding port 24800 in my router/firewall config... and all I get when running that command is this...

 

 $ ssh -L 24800:hal:24800
usage: ssh [-1246AaCfgKkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
           [-D [bind_address:]port] [-e escape_char] [-F configfile]
           [-i identity_file] [-L [bind_address:]port:host:hostport]
           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
           [-R [bind_address:]port:host:hostport] [-S ctl_path]
           [-w local_tun[:remote_tun]] [user@]hostname [command]

 

Any thoughts???  Any help is greatly appreciated...

rhodesa: I may look into using a different program like stunnel, but my school machines are using ssh and not stunnel, so even if that works for this problem, I would still like to be able to tunnel from school to home... thanks for the suggestion...

 

neylitalo:

 

The following is straight from the man page of ssh:

-L [bind_address:]port:host:hostport
            Specifies that the given port on the local (client) host is
            to be forwarded to the given host and port on the remote
            side.  This works by allocating a socket to listen to port on
            the local side, optionally bound to the specified
            bind_address.  Whenever a connection is made to this port,
            the connection is forwarded over the secure channel, and a
            connection is made to host port hostport from the remote
            machine.  Port forwardings can also be specified in the
            configuration file.  IPv6 addresses can be specified with an
            alternative syntax: [bind_address/]port/host/hostport or by
            enclosing the address in square brackets.  Only the superuser
            can forward privileged ports.  By default, the local port is
            bound in accordance with the GatewayPorts setting.  However,
            an explicit bind_address may be used to bind the connection
            to a specific address.  The bind_address of “localhost”
            indicates that the listening port be bound for local use only,
            while an empty address or ‘*’ indicates that the port should
            be available from all interfaces.

 

Forgive me if I am confused, (I very likely am), but I would interpret this to mean that the L option is expecting 2 ports, the host name and *optionally* the "bind address" (hence the square brackets).  Something about this does not make sense to me, because the host name should already define the IP address of the machine I am trying to connect to.  Wouldn't this make the "bind address" redundant??? Correct me if I am wrong, but all the host name is is an alias for a static IP defined in /etc/hosts...

 

Further, I had noticed that there was a -p option for ssh, but decided to try and stick with the guide I was using to secure synergy, which uses the -L option.  At your suggestion, I modified my /etc/ssh/sshd_config file to include

Port 24800

and then restarted my ssh...

sudo /etc/init.d/ssh restart

to make sure ssh was up to date with the config file...

I then made sure that my port 24800 was being forwarded through my router to my machine.

Then at my remote host I did this

ssh -p 24800 host_name

and I get this...

ssh_exchange_identification: Connection closed by remote host

Not sure why this would be happening, either...

 

I really did not think that this would be difficult at all... oh well... at least I will learn something...

 

Thank you...


Well, if you need the outgoing port to be 24800, then you need -L, but I really don't think you need any particular port. If you want to follow the synergy instructions and use -L, I only have one suggestion:

 

ssh -L 24800:hostname:24800 hostname

 

I'm guessing that it's dying because you haven't given it the (mandatory) hostname argument at the very end.


neylitalo:

Ok... so that was clearly me being very careless... leaving out the hostname at the end...

 

$ ssh -L 24800:host:24800 host

 

Does the trick... however

 

$ ssh -p 24800 host

Still dies... with

ssh_exchange_identification: Connection closed by remote host

So obviously something is configured incorrectly somewhere... but it seems obvious that I need to study ssh tunneling more to avoid this kind of thing in the future...

 

Thanks... issue solved...
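
As an added example (not part of any post in this thread), the shell functions below split the -L spec quoted from the man page into its fields, report which local interface the listener binds to, and print the full command including the destination argument the first attempt lacked. The function names and output labels are hypothetical, and bracketed IPv6 literals are not handled.

```shell
#!/bin/sh
# Added example (not from the thread): read an ssh -L spec of the form
# [bind_address:]port:host:hostport. Bracketed IPv6 literals are not handled.

# parse_forward SPEC: sets fw_bind, fw_lport, fw_host, fw_hostport.
# fw_bind is "-" when the spec carries no bind_address field at all.
parse_forward() {
    case $1 in *:*:*) ;; *) return 1 ;; esac       # need port:host:hostport
    fw_hostport=${1##*:}; rest=${1%:*}
    fw_host=${rest##*:};  rest=${rest%:*}
    case $rest in
        *:*) fw_bind=${rest%:*}; fw_lport=${rest##*:} ;;
        *)   fw_bind=-;          fw_lport=$rest ;;
    esac
    case $fw_bind in *:*) return 1 ;; esac         # too many fields
    [ -n "$fw_host" ] || return 1
    for p in "$fw_lport" "$fw_hostport"; do        # both ports must be numeric
        case $p in ''|*[!0-9]*) return 1 ;; esac
    done
}

# forward_scope SPEC: prints who can reach the local listening port.
forward_scope() {
    parse_forward "$1" || { echo invalid; return 1; }
    case $fw_bind in
        -)                   echo per-GatewayPorts ;;  # client GatewayPorts decides
        localhost|127.0.0.1) echo loopback-only ;;
        ''|'*')              echo all-interfaces ;;
        *)                   echo "address:$fw_bind" ;;
    esac
}

# tunnel_cmd SPEC DESTINATION: prints an ssh command with the listener pinned
# to localhost when no bind_address was given. DESTINATION is the SSH server to
# log in to; leaving it out is what produced the usage message in the thread.
tunnel_cmd() {
    [ -n "${2:-}" ] || { echo "missing destination after the -L spec" >&2; return 2; }
    parse_forward "$1" || { echo "bad -L spec: $1" >&2; return 1; }
    if [ "$fw_bind" = - ]; then fw_bind=localhost; fi
    printf 'ssh -N -L %s:%s:%s:%s %s\n' \
        "$fw_bind" "$fw_lport" "$fw_host" "$fw_hostport" "$2"
}

# Constructed demo using the host name and port from the thread.
forward_scope '24800:hal:24800'
forward_scope ':24800:hal:24800'
tunnel_cmd '24800:hal:24800' hal
```

The host field is looked up from the SSH server's side of the tunnel, while bind_address only selects the interface the client listens on, which is why the two are not redundant.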
