I've got a django project on heroku and it uses postgre database on heroku (ec2). It all works fine, but on one computer I don't have access to postger port 5432 so I need to setup a tunnel from my computer to there. Is that possible?
You will need to have some sort of access to an intermediate host to make it possible. Heroku does not support it out of the box.
Corkscrew does SSH over HTTP proxy. Then you can open a transparent proxy like tsocks. This way you don't necessarily have to know about the firewall.
This all applies to Linux and possibly Mac. On Windows you can pipe your connection through Putty.
Related
This is the first time I use the sshuttle.
I am running into an issue working with sshuttle.
I run the sshuttle to connect my local with a remote server on my local machine.
I can access the server by using ssh and pem file.
I used the following command on my MacOS.
sshuttle --dns -vr dev 10.0.0.0/0 --ssh-cmd 'ssh -i ~/.ssh/dev.pem'
I have set ssh config to use the dev hostname in .ssh/config file
host dev
HostName xx.xxx.xx.xx
user root
IdentityFile ~/.ssh/dev
But I couldn't connect my local to the remote server, even all the internet traffic keeps loading and never loads anything.
I am using a dedicated IP on VPN service (PureVPN). Wihtout VPN, sshuttle is working well so meaning that running sshuttle on top of other VPN service is a problem?
I don't think it's a problem since it's a dedicated IP. And if it's a problem, how can I address this issue since I must use the dedicated IP for an another service.
If you have faced the same issue before, please let me know.
Thank you in advance!
From the looks of what you mentioned there could be two things that can be the cause. One, the credentials that are given to you by the third party hosting are incorrect. But since you mentioned that you are able to access the sshuttle without a VPN, this clearly indicates that you need to get your dedicated IP approved from the hosting service if it's not marked spam. If you are looking for a dedicated IP VPN service provider try Ivacy.
I have a client who is remote. I need to debug some weird problem that none of my other clients are having. Before I try and set up a conference with this client, I would like to know if there is some way of remotely debugging our application.
I see that there are remote debugging tools available for Visual Studio, but from what I've read, I need to be on the same subnet. As the person is remote, this is not a possibility. Also, as I'd like to keep our connection secure, I would need to connect up some sort of encrypted tunnel (this is where I'm a little fuzzy as my networking skills are mostly theoretical).
As I understand it, an encrypted tunnel is a bridge to another (different) subnet. This is to ensure that those computers on the other side won't interfere with the local subnet computers.
So, because the client's computer is on a different subnet, I think that this is not possible. Or is it? Should there not be a way of making the client's computer show up as a virtual computer on my subnet, by forwarding packets from one subnet to another? I would think that this is theoretically possible, but I'm not exactly sure how I would go about this.
Also, at the moment, my current way that we connect to clients is through GoToMeeting, but I don't think that it supports tunneling. If not, then I may need some way of generating a tunnel, so I was also thinking of maybe using some SSH programme like PuTTY.
As I have said before, my knowledge of networking is quite theoretical, so if the tools that I am suggesting are not the correct ones, please correct me. (I'm a programmer, damm it! Not a network engineer!)
Both computers are Windows boxes. Windows 10 (client) and Windows 8.1 (development).
If you can connect to an ssh server in the remote network, you can (subject to configuration on the server) create a tunnel such that you connect to a socket on your local pic and the connection appears from the server to an endpoint on the remote network.
You'll want to investigate the -L command of OpenSSH, which combined with the PuTTY docs, should help explain what's required.
By default, the endpoint would be a port on the ssh server, but it could be a port on a different host that the remote server can connect to.
I'm not familiar with the current state of Windows SSH servers, but even if there isn't a system server to hand, you should be able to have on run 'on demand' - if you run it on a non-privileged port and by the user you want to connect in as, it shouldn't even need Admin privileges.
I'm not familiar with GoToMeeting, but the one thing with SSH tunnelling it that IT depts should be familiar with SSH. If trying that, focus on getting a working connection in, then setting up the tunnel, then connecting through it as separate steps.
Once you have an SSH connection, then it doesn't need to do something itself, and you can then investigate connecting while specifying the port forwarding, but will will need to get the basic connection working correctly first.
I have a PC running cntlm. I am trying to use this cntlm as proxy from another machine. But cntlm listens on local proxy only.
Is there a way, it can work as proxy to external clients too?
The port is open on firewall. I can connect to the machine, which runs on another port, using telnet.
Actually CNTLM doesn't care if it's local computer or a remote one who wants to connect.
You just have to configure is properly.
I suggest you implement this answer: How to configure CNTLM properly
There is a server in my company and many people in the company work on it by Putty. We installed the Putty for our own computers to remote the server. BUT all of these happened in the company's inner web.
Now I want to remote the server from outer web. For example, I am home and I work on the company's server. For now I dont know how to realize this.
How can I configure the server and my PC at home?
Need I make some configuration for the router of the company? How?
Thanks in advance.
Assuming your company has a competent IT staff, there is a firewall that blocks incoming SSH attempts out. (It is called SSH, not Putty. Putty is just a program that Windows users tend to use for SSH.) Inside the company's network, you can SSH. So, from home, you will hit a firewall and you can't SSH in.
Does your company have a VPN system? If so, use that. There are many forms of VPN. Your company's IT staff can tell you how to configure your home machine so it can connect to the company's VPN. Once it does that, it will be as though your home computer is inside the company. You are inside the firewall. You can SSH.
You can ask if they will open the firewall for you. They shouldn't, but you can ask.
If you don't have VPN, all is not lost, but it gets more difficult. I don't expect you to do this, so I will only list the steps.
Install an SSH server on your home computer. Get it up and running. SSH into it from another computer at home.
Forward incoming port 22 requests to your home's firewall/router to your home computer so you can SSH into your home machine from outside your house, ie: From work. Test it from work to ensure it works.
Set up a reverse port forward SSH connection from the server at work to your home computer. What this does is initiate an SSH connection from the work server to your home computer. It then listens on a port on your home computer (pretend you used 2222 as the port). Now, from home, you SSH to your home computer (localhost) on 2222 and it connects over the previously made connection to the server at work.
Your IT staff might notice that you did this. They probably won't like it because you are bypassing their firewall.
You can either forward the port of the server to the public internet, or you can set up a VPN located inside your company's LAN that can be reached from outside the LAN such as OpenVPN.
Note: If you are planning to forward the server directly, make sure the server's security settings are set up correctly to prevent misuse of attackers. You can also restrict access to specific IP addresses using a firewall.
Assuming that your server is behind corporate network, you MUST require a VPN connection to access it. Talk to your IT department and they will be able to help with setting VPN connection.
My webhosting company serves up Control Panel on a funky port number (20000 or something). This port is blocked from work, so I cannot access Control Panel during the day (in case of emergency).
Is it possible, and is there an easy way to run a simple proxy on a VPS so I can browse to the VPS on port 80 and have it talk to the Control Panel machine on the funky port 20000?
Any suggestions are helpful!
Thanks,
Rob
Just start a SSH-forward:
ssh -L 8080:localhost:20000 user#yourhost
You can access your config interface using http://localhost:8080
You can create such a tunnel using Putty on Windows, too. http://oldsite.precedence.co.uk/nc/putty.html