Hello all,
I have an SSH server (server1) behind a NAT and I can't control or modify it.
I'm trying to find a solution to bypass it.
I have a VPS with CentOS 7 (server2) and I'm trying to use it as a middleman between my server and the people who need to access it.
I've never configured a Linux machine before...
I didn't change anything in the settings of CentOS except setting GatewayPorts to 1 and restarting the sshd.
From my server1 I open an SSH connection like this: ssh -R 10021:localhost:22 user2@server2
On the CentOS server (server2), I can see it listening on the port and if I do this: ssh -p 10021 user1@localhost, I'm in server1.
However if I try from my machine to do the same: ssh -p 10021 user1@server2, I have "connection refused".
I'm gathering the CentOS server is denying the connection but I don't know what I have to do to allow it.
I've tried to stop the iptables service for a moment but it didn't help.
Any suggestions?
Thank you!
lamazzi
SSH forwarding
Re: SSH forwarding
For the record, there were two separate problems:
- First one, I had to reboot the machine. For some reason, restarting the sshd wasn't enough.
Found my answer here: http://stackoverflow.com/questions/2729 ... on-refused
- Second one, as I suspected iptables was blocking the incoming connection and here is the command line used (suggested by a kind person on another forum):
iptables -I INPUT -p tcp --dport 10021 -j ACCEPT
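A check for the first of the two problems above, as an added example that is not part of the original posts: with GatewayPorts off, sshd binds a remote forward to the loopback address only, so the port answers on server2 itself but not from outside. The function names and the sample `ss -ltn` and `sshd -T` output are constructed for illustration.

```shell
#!/bin/sh
# Added example. Intended for server2; all sample data below is constructed.

# classify_bind PORT  (stdin: output of `ss -ltn`)
# Prints loopback-only, external, or not-listening for PORT.
classify_bind() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, p, ":")
            if (p[n] != port) next
            addr = substr($4, 1, length($4) - length(p[n]) - 1)
            if (addr == "127.0.0.1" || addr == "::1" || addr == "[::1]") loop = 1
            else ext = 1
        }
        END {
            if (ext) print "external"
            else if (loop) print "loopback-only"
            else print "not-listening"
        }'
}

# gateway_ports  (stdin: output of `sshd -T`, which prints lowercase keywords)
# sshd accepts yes, no, or clientspecified for GatewayPorts.
gateway_ports() {
    awk '$1 == "gatewayports" { v = $2 } END { print (v == "" ? "unknown" : v) }'
}

# Constructed samples: the same tunnel before and after GatewayPorts takes effect.
SS_BEFORE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    *:22               *:*
LISTEN 0      128    127.0.0.1:10021    *:*
LISTEN 0      128    ::1:10021          :::*'
SS_AFTER='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    *:22               *:*
LISTEN 0      128    *:10021            *:*
LISTEN 0      128    :::10021           :::*'
SSHD_T='port 22
gatewayports no
permitrootlogin yes'

echo "before: $(printf '%s\n' "$SS_BEFORE" | classify_bind 10021)"
echo "after:  $(printf '%s\n' "$SS_AFTER" | classify_bind 10021)"
echo "config: $(printf '%s\n' "$SSHD_T" | gateway_ports)"
# Live use on server2: ss -ltn | classify_bind 10021; sshd -T | gateway_ports
```

If the listener is reported as external and outside connections still fail, the firewall rule for the port is the next thing to check.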
Re: SSH forwarding
There is some software in EPEL called autossh (well I think it's EPEL, it may be in the main repos). Makes setting up an end to end tunnel with SSH quite easy (well easier). Have a look at it. I've used it like this:
autossh -M 0 -q -f -N -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -L 4002:localhost:80 tunnel@1.1.1.1
You can pass arbitrary ssh options to it too (so keepalive and so on). You still need to open the ports used on any firewalls involved.