Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > Secure Shell

Reply
 
Thread Tools Display Modes
  #1  
Old 09-03-2014, 09:16 PM
MikeDahlberg MikeDahlberg is offline
Registered User
 
Join Date: Feb 2010
Posts: 8
rmate and reverse ssh tunneling

I'd like to setup a connection to a server such that when the initial connection is made across port 22, a reverse tunnel back to my Mac running SecureCRT is setup. This tunnel would forward requests on port 52698 back to my local system also on port 52698. I can do this by setting up a local shell session and then running the command:

ssh -R 52698:localhost:52698 user@server

The reason for this is that I'd like to be able to edit files on the server with my local application Textmate (which uses a ruby program running on the server called rmate to forward the data back to my local system)

Instead of using a local shell, I'd like to setup a single SSH2 session that accomplishes this. I've tried changing the remotely forwarded connections (as described in https://forums.vandyke.com/showthread.php?t=7666) but there is a requirement that the remote system forward connections to 127.0.0.1 and rmate requires that it forward to localhost, *not* 127.0.0.1 (I have no idea why they are not interchangeable).

I would value any suggestions or alternate ways of doing this (like say through SecureCRT scripting which I've been looking for a reason to learn this).

Thanks,
Mike
Reply With Quote
  #2  
Old 09-04-2014, 09:52 AM
bgagnon bgagnon is offline
VanDyke Technical Support
 
Join Date: Oct 2008
Posts: 4,544
Hello Mike,

What is your Mac OS?

What were your results (in SecureCRT) when you configured the remote port forward for 127.0.0.1 (or, conversely, for localhost)?
__________________
Thanks,
--Brenda

VanDyke Software
Technical Support
support@vandyke.com
(505) 332-5730
Reply With Quote
  #3  
Old 09-04-2014, 10:48 AM
MikeDahlberg MikeDahlberg is offline
Registered User
 
Join Date: Feb 2010
Posts: 8
rmate and reverse ssh tunneling

Brenda:

I'm using Mac OSX 10.9.4. I currently have my reverse tunnel setup as shown in the attached screen shot

When I attempt to use the reverse tunnel to TextMate, I get the following error on the remote connection:

$ /home/dahlberg/bin/rmate:158:in `readline': end of file reached (EOFError)
from /home/dahlberg/bin/rmate:158:in `connect_and_handle_cmds'
from /home/dahlberg/bin/rmate:207:in `block in <main>'
from /home/dahlberg/bin/rmate:206:in `fork'
from /home/dahlberg/bin/rmate:206:in `<main>'

This error is described in the following URL:

https://github.com/textmate/rmate/issues/21
Attached Images
File Type: png Screen Shot 2014-09-04 at 11.47.29 AM.png (117.8 KB, 323 views)
Reply With Quote
  #4  
Old 09-04-2014, 11:16 AM
bgagnon bgagnon is offline
VanDyke Technical Support
 
Join Date: Oct 2008
Posts: 4,544
Hi Mike,

I see now. So the reason for using localhost is due to IPv6 support.

Do you have a hosts file on your Mac that associates localhost with 127.0.0.1?

I would like to get trace options output which will show what is going on from SecureCRT's perspective.
NOTICE: The requested troubleshooting data may include sensitive information (usernames, passwords, publicly-accessible host names or IP addresses, etc.).

Please redact sensitive information that would not be appropriate for email communication prior to sending the requested information.

If there is sensitive information that must be conveyed in order to provide a complete picture of the scenario you're facing, please let us know and we will set up a secure upload mechanism that can be used.
To enable trace options output:
  • First, open SecureCRT's main File pull-down menu and select Trace Options. If you open the File pull down menu again you should see a checkmark next to Trace Options, indicating that troubleshooting output is now enabled.
  • Next, connect to the remote machine. With trace options enabled, you will notice debugging information displayed in the terminal window that isn't normally there by default when SecureCRT is attempting to establish a connection, and at certain times throughout the lifetime of the connection.
  • Once the problem occurs, please right-click inside the terminal window and choose Select All, then right-click again and choose Copy to transfer the information to the clipboard.
  • Finally, open a text editor, paste the information from the clipboard into the editor program, and save it as a text file.
Since trace options can contain sensitive information, please send it as an attachment via email to support@vandyke.com. Please reference "Attn Brenda - Forum Thread #11680" in the subject line.
__________________
Thanks,
--Brenda

VanDyke Software
Technical Support
support@vandyke.com
(505) 332-5730

Last edited by bgagnon; 09-04-2014 at 11:50 AM. Reason: request trace
Reply With Quote
  #5  
Old 09-04-2014, 12:07 PM
MikeDahlberg MikeDahlberg is offline
Registered User
 
Join Date: Feb 2010
Posts: 8
Brenda:

Hey! That's a pretty useful tool! I sent it to you via email.

This is my /etc/hosts file

$ cat hosts
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
fe80::1%lo0 localhost

Why do you say it's due to IPv6 support? I'm actually not using IPv6.

From the trace output it looks like the connection is being refused. Would this be from a firewall on my Mac or filters in SecureCRT?

Thanks,
Mike
Reply With Quote
  #6  
Old 09-04-2014, 12:16 PM
bgagnon bgagnon is offline
VanDyke Technical Support
 
Join Date: Oct 2008
Posts: 4,544
Hi Mike,

Quote:
Why do you say it's due to IPv6 support? I'm actually not using IPv6.
Maybe you aren't intentionally, but the OS and rmate support it (and apparently prefer it).

Thanks for the trace.

This line shows the issue:

Code:
[LOCAL] : Rejecting remote forward request from [::1]:55963 because connection to the destination 127.0.0.1:52698 failed. Connection refused
So you will need to change the port forward configuration to listen on "::1" (Local Host column) instead of localhost.
__________________
Thanks,
--Brenda

VanDyke Software
Technical Support
support@vandyke.com
(505) 332-5730

Last edited by bgagnon; 09-05-2014 at 09:22 AM. Reason: Corrections
Reply With Quote
  #7  
Old 09-04-2014, 12:23 PM
MikeDahlberg MikeDahlberg is offline
Registered User
 
Join Date: Feb 2010
Posts: 8
Brenda:

That worked! Thanks!

Mike
Reply With Quote
  #8  
Old 09-04-2014, 05:04 PM
MikeDahlberg MikeDahlberg is offline
Registered User
 
Join Date: Feb 2010
Posts: 8
Brenda:

This is a screen shot of my config for the remote forwarded connections. Didn't think I'd use IPv6 to solve the problem.

Thanks again for your help.

Mike
Attached Images
File Type: png Screen Shot 2014-09-04 at 6.10.11 PM.png (117.5 KB, 334 views)
Reply With Quote
  #9  
Old 09-05-2014, 08:09 AM
bgagnon bgagnon is offline
VanDyke Technical Support
 
Join Date: Oct 2008
Posts: 4,544
Thanks, Mike!
__________________
Thanks,
--Brenda

VanDyke Software
Technical Support
support@vandyke.com
(505) 332-5730
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 12:25 PM.