Monday, January 19, 2004

Warning, geek talk ahead!

Stayed up way too late trying to figure out how to get esd working in client-server mode across the internet so that I could play the CDs in vb's changer and listen to them here at home. After hours of testing, consulting an expert (thanks mlyle), and switching back and forth between a dozen screens or so, mlyle reminded me to make sure that vb's box was also running esd... which it wasn't! Live and learn.

So the big success story for tonight has to be on a different front, which is the firewall issue. Woody is pretty cautious about what he lets through the firewall that guards our network here at Liberty. Consequently, I haven't been able to SSH into my computer (petisuis) from school. Tonight, however, after SSH'ing all over the place and taking advantage of my account at vb's new box (Shellacct), I took a hint from mlyle and looked up exactly how SSH tunnelling works. Lo and behold, I can forward a port on the Shellacct machine to my box, from my box. By keeping the connection open between my computer and the Shellacct box, I can SSH on the port I specify from there to here. It boils down to executing this command as root on my box (all one line):

ssh -l username shellacct.com -R port_I_choose:localhost:my_sshd_port -N

Where:

  • -l username tells ssh to login as my username, rather than root (only root can redirect to privileged ports like the one sshd listens on).
  • -R tells ssh that this is a remote forward, back to the connecting box.
  • port_I_choose is the port on the Shellacct box that I will connect to.
  • localhost is the computer to be forwarded to (it could just as well be petisuis, or 127.0.0.1).
  • my_sshd_port is the port that my ssh daemon is listening on.
  • -N is to tell ssh to connect, but Not execute any command. When I leave for school tomorrow, I'll change this to sleep 99999 or something, to not be auto-logged-out by sshd.
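
On the Shellacct side, the -R forward shows up as a listening socket owned by sshd on port_I_choose, which is what the administrator of such a box can look for. The script below is an added example, not part of the original post: it filters `ss -H -tlnp` output for sshd-owned listeners other than the daemon's own port and marks each as loopback-only or reachable from other hosts. The function names and the sample lines (ports, PIDs) are constructed for illustration.

```shell
#!/bin/sh
# Added example: spot ssh -R (remote forward) listeners on a relay host.
# Input : `ss -H -tlnp` output on stdin (run ss as root so the process
#         column is filled in for other users' sessions).
# Arg 1 : port the ssh daemon itself listens on (default 22).
# Output: "<port> <pid> <loopback-only|exposed>", one line per forward.
find_forward_listeners() {
  awk -v own="${1:-22}" '
    # newer OpenSSH names the per-session process "sshd-session"
    $1 == "LISTEN" && /"sshd(-session)?"/ {
      addr = $4
      port = addr; sub(/.*:/, "", port)       # text after the last colon
      host = addr; sub(/:[^:]*$/, "", host)   # everything before it
      if (port == own) next                   # the daemon, not a forward
      pid = "?"
      if (match($0, /pid=[0-9]+/)) pid = substr($0, RSTART + 4, RLENGTH - 4)
      # loopback is the default bind; any other address means the forward
      # is reachable from other hosts (GatewayPorts enabled on the server)
      scope = (host == "127.0.0.1" || host == "[::1]") ? "loopback-only" : "exposed"
      key = port " " pid " " scope
      if (!(key in seen)) { seen[key] = 1; print key }  # merge v4/v6 pair
    }'
}

# Constructed sample of `ss -H -tlnp` output (not captured from a real host).
sample_ss_output() {
  cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 128 127.0.0.1:2222 0.0.0.0:* users:(("sshd",pid=4312,fd=9))
LISTEN 0 128 [::1]:2222 [::]:* users:(("sshd",pid=4312,fd=10))
LISTEN 0 128 0.0.0.0:8022 0.0.0.0:* users:(("sshd",pid=5120,fd=9))
LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=900,fd=6))
EOF
}

sample_ss_output | find_forward_listeners 22
```

On a live host the input would come from `ss -H -tlnp | find_forward_listeners 22`; the PID on each line identifies the login session that holds the forward open.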

One debugging strategy that mlyle reminded me about is to always use the -verbose flag when trying to figure out where a problem lies. Good tip!

It appears that pita.gpcc.itd.umich.edu, one of the Sun boxes in the Fishbowl lab, does port forwarding too. In that case, all I would need to do is this:

Open a connection to pita, forward a random port to the sshd port on my box, and when I'm at school I can ssh directly from pita to my box.
