I need to create SSH tunnel with PuTTY in Windows, that would do the same as this command in Linux:
ssh -fN -L 2000:SomeIp:2000 myusername#myLinuxBox
I tried many options in PuTTY, including setting source port in GUI to "2000" and destination to "SomeIp:2000". Destination is set to local (as the -L switch suggests).
I successfully login to my SSH box but port forward is not made.
Is this even possible in Windows, so that all the connections made by programs that use this port (2000) will go through this tunnel?
With the PuTTY suite, you can set up a tunnel either using the PuTTY itself (GUI) or using the command-line tool plink.exe.
With the plink.exe, you use the same arguments as with the OpenSSH ssh, except for the -f, which does not have an equivalent in Windows.
plink.exe -N -L 2000:SomeIp:2000 myusername#myLinuxBox
Reference: Using the command-line connection tool Plink
With the PuTTY, the -L 2000:SomeIp:2000 translates to:
So it's actually, what you claim to have tried. If you have any problems, use the PuTTY event log to investigate:
The -N translates to the option "Don't start a shell or command at all".
But it probably does not make sense with a GUI client to enable it, as you get a window anyway, you just cannot do anything with it. See also the PuTTY wish no-terminal-window.
If you are going to use the tunnel to connect with PuTTY to another server, you can actually set up the tunnel as a part of the session settings with use of plink as a proxy, see: PuTTY configuration equivalent to OpenSSH ProxyCommand.
You probably want to use plink.exe instead of the GUI client. The command line syntax is compatible iirc.
Or you can wade through the putty GUI, which also allows this. See Connection > SSH > Tunnels on the left side with the option tree.
The answers above mention two different ways of resolving the problem:
using plink
using putty GUI
I don't have plink and I can't download the plink.exe file (it is a closely monitored restricted environment) so used a different way to script the solution with a one-line script:
start putty -ssh myusername#myLinuxBox -pw my_pw -L 2000:localhost:2000
Store this in a batch file (file extension ".bat", e.g. "tunnel.bat"). So every time you double-click on this file the command is run and putty creates the ssh tunnel. If you want more tunnels just repeat this part
-L 2000:localhost:2000
by changing the ports accordingly.
"Source" port is a port number on the same machine from which you are running putty (eg. open this in your browser: 127.0.0.1:source). "Destination" is your remote port that you want to connect to from your local machine. It started to work after I realized this.
Related
I tried to open putty ssh connection over SOCKS5 proxy via command line.
putty.exe -P port -pw password username#host -nc proxyhost:proxyport
This command doesn't work and I think it is incorrect. I tried a lot of variants of this command, but putty user manual doesn't contain necessary information.
I tried to connect to my host throw putty UI and it works fine.
For openSSH similar command looks
ssh -o "ProxyCommand=nc -x proxyhost:proxyport %h %p" -p port username#host
If I were you I would create a "Saved Session" with Putty and launch it via command line:
putty.exe -load session_name
It will be easier to create a "Saved Session" via the PuTTY interface than toying around with the command line. And it seems like you already have it working through the PuTTY interface.
Even though this is an old thread I would like to add my two cents, as I found it hard to gather all the information necessary to set up a working ssh connection over a SOCKS-5 proxy using putty command line and this thread showed up in my result list.
TL;DR
It is currently not possible (as of putty v0.74) to route ssh traffic over a SOCKS-5 proxy using putty or plink as the proxy-command on the command line. You have to use an alternative like ncat for windows, e.g.:
putty -p <targetport> -proxycmd "ncat.exe --proxy-type socks5 --proxy <proxyhost>:<proxyport> <targethost> <targetport>" <targethost>
Details
The putty GUI allows the configuration of an SOCKS-5 proxy, see putty documentation.
As correctly stated in the answer, by BlakBat this configuration can be called via command line using the -load argument.
The command line argument -proxycmd triggers the use of a so called 'local' proxy connection (see the putty documentation again):
> 3.8.3.24 -proxycmd: specify a **local** proxy command
The local proxy command is a command issued on the local machine, that will handle the proxy connection (see the documentation about proxy types). ncat is such a command and it is able to interact with a SOCKS-5 proxy.
Finally, it is tempting to use plink/putty as the proxy command to avoid the use of multiple tools.
Putty claims to provide an alternative to the netcat utility via the -nc argument, however the putty documentation states:
If you want your local proxy command to make a secondary SSH connection to a proxy host and then tunnel the primary connection over that, you might well want the -nc command-line option in Plink.
If you try to use the -nc argument to open a SOCKS-5 connection your SOCKS server log might show something like this:
sockd[1234]: info: block(1): tcp/accept ]: 1.2.3.4.4711 1.2.3.5.1080: error after reading 1 byte in 0 seconds: unknown SOCKS version 83 in client request
This is an indication that an attempt was made to open an SSH session to the SOCKS-5 server.
So, unfortunately, to my knowledge your only chance is to use putty along with a netcat-like tool to establish a proxied SSH connection using an SOCKS-5 proxy.
Simple,
putty -D 8080 <user_id>#<server_name> -pw <password>
I'm using putty and I want to be able to connect to a ssh server with a different ip every time. How do I do this?
I'm not sure if I use tunnel or what steps to take. If you have a tutorial that would be great.
See this: https://vscentrum.be/neutral/documentation/client/windows/PuTTY-proxy
That link describes how to use a command to configure a LOCAL proxy, mainly:
plink -agent -l %user %proxyhost -nc %host:%port
Now you can probably write a batch file that chooses randomly from a list of proxies and substitutes %user and %proxyhost in this plink command. (Or better yet, moves a proxy from a list of available proxies into a list of used proxies.)
Is there away to combine this into one batchfile? This is a hand me down task, but I think I should be able to combine the two. Why open Putty once and then open another tool pscp? I just don't know the difference between putty and pscp? Any help or insite would be appreciated. Thank you.
C:\putty.exe, 192.168.1.1 -pw xxxx
killall /bob/bin/myfile.out
Close putty
pscp.exe myfile.out.2.3.4 root#192.168.1.1:/bob/bin/myfile.out
pw
Reboot target
No, putty is analagous to ssh and pscp to scp.
PuTTY provides the overall functionality as does SSH. However, ssh and putty (non-capitalized) are interactive (as well as non-interactive by supplying shell commands as arguments) command line interfaces within the greater context of what PuTTY and SSH can do. scp and pscp are secure versions of the ftp Linux/Unix command (with similar, but not identical, command sets) which use the SSH protocol to securely authenticate and transfer files.
So essentially, there is not a way to combine them. The Unix philosophy is that one tool does one thing and does it really well.
i use in linux the following command to create a tunnel
tsocks ssh -n -f -N -L 1081:142.51.6.42:22 admin#142.51.10.36
after which i use
ssh root#localhost -p 1081
is it possible to replicate the same in windows using putty ?
PuTTY has ssh tunneling support (including SOCKS4/5 support). though in your case you could simply run a first PuTTY connection to set up a static port forward.
If you really need a tsocks (ie. socksify) alternative, you can try WideCap, and set up a Dynamic port forward in PuTTY
My current solution for editing files on a remote web server is to use Fetch to browse the remote machine and TextWrangler to make the edits. But since I'm getting more comfortable navigating the command line on the remote machine (but not comfortable enough to use VIM...), I'd like to be able to type something like 'open filename.txt' on the remote machine and have TextWrangler open up on my local machine. I've heard the term "reverse tunneling" tossed around as an option, but I have no idea what to do next. Any suggestions are greatly appreciated - thanks!
Personally, I use Cyberduck as my S/FTP browser. In Cyberduck's preferences, you can define a default text editor to edit remote files. Now I can just hit Cmd+K when I have a file selected, and it will open up in TextWrangler. Whenever I save, the changes are automatically transferred to the remote file.
I was actually looking to do the same thing, and no one had written it up, so I figured this out today.
There's 2 required and 3 optional parts to this:
Enable ssh login on both computers (required)
Set up an ssh tunnel from the remote machine to your machine (required)
Set up an alias for the ssh tunnel (optional)
Set up an alias for TextWrangler on the remote machine (optional)
Set up ssh keys so you don't have to enter your password every time (optional)
You need to be able to ssh from local to remote to run the commands, and you need to be able to ssh from remote to local so it can send commands to TextWrangler.
To set up the ssh tunnel, you need to run a command on your local machine like:
ssh -f -N -R 10022:localhost:22 [username on remote machine]#[remote machine hostname]
The -f and -N flags put ssh into the background and leave you on your machine. The -R flag binds a port on the remote computer to a port on your local computer. Anything contacting the remote machine on port 10022 will be sent to port 22 on your local computer. The remote port can be anything you want, but you should choose a port > 1024 to avoid conflicts and so you don't have to be root. I chose 10022 because it's similar to ssh's default port of 22. Replace the brackets with your username and machine name.
You'll need to run that once after you log in. To make the command easier on yourself, you can add an alias in your bash profile. Add the following to your local ~/.bash_profile:
alias open-tunnel='ssh -f -N -R 10022:localhost:22 [username on remote machine]#[remote machine hostname]'
Of course, you can choose whatever alias name you like.
Once you've set up the tunnel, you can use a command like this on the remote machine:
ssh -p 10022 [username on local machine]#localhost "edit sftp://[username on remote machine]#[remote machine hostname]//absolute/path/to/file.txt"
The -p flag says to use port 10022 (or whichever port you chose earlier). This will cause the remote machine to connect to your local machine and execute the command in the double quotes without opening an interactive ssh session. The command in the quotes is the command you would run on your local machine to open the remote file in TextWrangler.
To make the command easier on yourself, you can add a function in your bash profile. Add the following to your remote ~/.bash_profile:
function edit { if [[ ${1:0:1} = "/" ]]; then abs_path="$1"; else abs_path="`pwd`/$1"; fi; ssh -p 10022 [username on local machine]#localhost "edit sftp://[username on remote machine]#[remote machine hostname]/$abs_path"; }
This is assuming that you don't have the TextWrangler command line tools installed on the remote machine. If you do, you should name the function something other than edit. For example, tw. Here, ${1:0:1} looks at the first character of the first parameter of the function, which should be the file path. If it doesn't begin with /, we figure out the absolute path by adding the current working directory (pwd) to the beginning. Now, if you're on the remote machine in /home/jdoe/some/directory/ and you run edit some/other/directory/file.txt, the following will be executed on your local machine:
edit sftp://[username on remote machine]#[remote machine hostname]//home/jdoe/some/directory/some/other/directory/file.txt
Lastly, you should set up ssh keys in both directions so you're not prompted for a password every single time. Here's a guide someone else wrote: http://pkeck.myweb.uga.edu/ssh/
I dont think this will allow opening from the command-line, but
Eclipse with Remote-System-Explorer also supports editing of files via ssh connection
I think what you're referring to is called "X11 forwarding" over ssh. Take a look at the ssh_config(5) manpage for configuration (or just use 'ssh' with the '-X' parameter). As far as i know, this does only work with X11 programs (gvim, xemacs, etc.), because the editor is actually running on the host you're connecting to - only the display stuff happens on your local machine. So TextWrangler is not an option, because it's not an X11 program.
I use Interarchy (from nolobe) for remote editing. It's a fairly advanced ftp/sftp client that gives you a finder-style view of your remote files and allows you to use your favourite editor to work on those files.
If you don't like to pay for such a program, there's an Open-Source program called "Fugu" available from the Univerity of Michigan which you can also use.
FileZilla offers this functionality as well. You can download it here. Once you've connected to your sftp you can right-click on the text file and open it with the text editor of your choice.
Minimal answer
You can use Applescript. So from the command line execute this:
osascript <<EOF
tell application "TextWrangler"
activate
open location {"sftp://myusername:#my.server:22222//home/username/.bashrc"}
end tell
EOF
Notes
Obviously you wouldn't want to type a here document on every invocation, so my suggestion would be to put this logic inside a regular shell script:
osascript <<EOF
tell application "TextWrangler"
activate
open location {"$1"}
end tell
EOF
Then invoke the script like this:
sh ~/bin/textwrangler.sh "sftp://myusername:#my.server:22222//home/username/.bashrc"
Specifying a host-qualified path can get tedious each time so either hardcode that in your script, or bind the script invocation to a keystroke via your shell. For bash:
bind '"\et":"sh ~/bin/textwrangler.sh \"sftp://myusername:#my.server:22222/\""'
Now you generate the majority of the command by pressing Alt-t