fab-user
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fab-user] existing SSH tunnel

From: Carlos García
Subject: Re: [Fab-user] existing SSH tunnel
Date: Tue, 28 Oct 2014 09:42:23 +0100
Hi Martin

Have you tried to connect directly using SSH? Looks like the tunnel is not working. Try:

ssh -p 3333 localhost

Please, check the listen IP of sshd daemon in the client machine. If it's not listening in localhost, you should change the tunnel command (set listen_ip):

sudo ssh -R *:3333:listen_ip:22 address@hidden -i keyfile.pem -N

Regards


2014-10-28 0:31 GMT+01:00 Martin Enzinger <address@hidden>:
Hi Carlos,

I'm relieved to hear that this is feasible.



While testing option 1 I always get the same response on the remote machine:


No handlers could be found for logger "paramiko.transport"

Fatal error: Error reading SSH protocol banner

Underlying exception:
    Error reading SSH protocol banner


and this the local output.

connect_to localhost port 22: failed.




The reverse tunnel is initiated with this command on the local machine

sudo ssh -R *:3333:localhost:22 address@hidden -i keyfile.pem -N


"GatewayPorts yes" in /etc/ssh/sshd_config is set.
And this is the fab command

fab -H localhost --port 3333 tester




Thank you for your help!








On Mon, Oct 27, 2014 at 4:48 PM, Carlos García <address@hidden> wrote:
Hi Martin,

if I have unterstood your question, that's perfectly possible, as fabric uses SSH to access remote servers and execute tasks. So, if you create a reverse tunnel as this:

ssh -R localhost:5555:localhost:22 your_server

You can use fabric as this on your_server:

fab -H localhost --port 5555 your_task

If you're using fabric from another server that access to your_server, you must configure the sshd daemon on your_server to allow you to create sockets that listens for remote connections. I think it's not allowed by default. Also, your reverse tunnel should be done like this:

ssh -R your_server:5555:localhost:22 your_server

or 

ssh -R *:5555:localhost:22 your_server

And fabric command would be:

fab -H your_server --port 5555 your_task

Hope it helps!


Regards
 

2014-10-26 20:18 GMT+01:00 Martin Enzinger <address@hidden>:
Hi,

if a client is located behind a firewall I usually set up a reverse tunnel between the client and a remote server and then connect via the remote server to the client.

Is it possible to use fabric this way?

If a reverse tunnel (remote server <-> client) is initiated by the client, can fabric somehow access the client and do its magic?

I have full access to the remote server.

Thanks, best regards

_______________________________________________
Fab-user mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/fab-user




--
Carlos García
Director de Operaciones
Tel. 695 624 167 - 902 620 100
www.stoneworksolutions.net

AVISO DE CONFIDENCIALIDAD
Tanto este mensaje como todos los posibles documentos adjuntos al mismo son confidenciales y están dirigidos exclusivamente a los destinatarios de los mismos. Por favor, si Ud no es uno de dichos destinatarios, notifíquenos este hecho y elimine el mensaje de su sistema. Queda prohibida la copia, difusión o revelación de su contenido a terceros sin el previo consentimiento por escrito del remitente. En caso contrario, vulnerarán la legislación vigente




--
Carlos García
Director de Operaciones
Tel. 695 624 167 - 902 620 100
www.stoneworksolutions.net

AVISO DE CONFIDENCIALIDAD
Tanto este mensaje como todos los posibles documentos adjuntos al mismo son confidenciales y están dirigidos exclusivamente a los destinatarios de los mismos. Por favor, si Ud no es uno de dichos destinatarios, notifíquenos este hecho y elimine el mensaje de su sistema. Queda prohibida la copia, difusión o revelación de su contenido a terceros sin el previo consentimiento por escrito del remitente. En caso contrario, vulnerarán la legislación vigente
reply via email to
[Prev in Thread] Current Thread [Next in Thread]