Transfer UDP over SSH

When you need to reach a UDP service on a remote server that is not directly accessible from your local host, you can combine SSH and socat to carry the traffic.

A typical use case is SNMP communication with a server in a DMZ, to collect metrics for a dashboard on the local network, as in this example.

You have an intermediate host, reachable over SSH, that you can use as a gateway.

1- On the local host (on the left side), create an SSH tunnel with TCP port forwarding (here port 10000).

ssh -L 10000:localhost:10000 **gateway_host_ip**

2- On the gateway host, relay the traffic received on the TCP port forwarded in step 1 to the UDP target host:port.

socat tcp4-listen:10000,reuseaddr,fork UDP:**target_host_ip**:**udp_port**

3 – On the local host, relay the traffic received on the given UDP port to the TCP port forwarded in step 1, so that it goes through the tunnel.

socat -T15 udp4-recvfrom:**udp_port**,reuseaddr,fork tcp:localhost:10000

That’s it.
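
The three steps above as one helper script that prints the commands with every listener bound to 127.0.0.1 (socat's bind= option), since tcp4-listen and udp4-recvfrom otherwise accept traffic on all interfaces, and with the arguments validated because the target host ends up in a command line run by the gateway's shell. This is an added example, not part of the original post; the function names are hypothetical and the arguments stand for the placeholders in the commands above.

```shell
#!/bin/sh
# Added example: build the three commands of the UDP-over-SSH relay with
# loopback-only listeners. Function names are hypothetical.

TUNNEL_PORT=10000   # TCP port used inside the SSH tunnel, as on the page

# Accept only decimal ports in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Accept only hostname/IPv4 characters and no leading dash: the value is
# embedded in a command line, so metacharacters and options must not pass.
valid_host() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
}

# Step 2 (gateway): TCP listener bound to loopback, relayed to the UDP target.
gateway_cmd() {   # args: target_host udp_port
    valid_host "$1" && valid_port "$2" || return 1
    printf 'socat tcp4-listen:%s,bind=127.0.0.1,reuseaddr,fork UDP:%s:%s\n' \
        "$TUNNEL_PORT" "$1" "$2"
}

# Step 1 (local): SSH forward; here it also starts the step 2 relay as the
# remote command, instead of a separate login on the gateway.
tunnel_cmd() {    # args: gateway_host target_host udp_port
    valid_host "$1" || return 1
    relay=$(gateway_cmd "$2" "$3") || return 1
    printf 'ssh -L 127.0.0.1:%s:127.0.0.1:%s %s "%s"\n' \
        "$TUNNEL_PORT" "$TUNNEL_PORT" "$1" "$relay"
}

# Step 3 (local): UDP receiver bound to loopback, relayed into the tunnel.
local_cmd() {     # args: udp_port
    valid_port "$1" || return 1
    printf 'socat -T15 udp4-recvfrom:%s,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:%s\n' \
        "$1" "$TUNNEL_PORT"
}

# Print the commands when called as: script gateway_host target_host udp_port
if [ "$#" -eq 3 ]; then
    tunnel_cmd "$1" "$2" "$3" && local_cmd "$3"
fi
```

With the listeners on loopback, the local client (for example the SNMP poller) has to query 127.0.0.1 on the UDP port rather than another address of the local host.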

Access a remote MongoDB with a Mac OS X client

I needed to access a mongodb instance to manage my collections. I was looking for something like phpmyadmin for mongo but the first tool I found was mongoclient.

This tool is a desktop application available for many operating systems, including Mac OS X. The quality of the tool is really good.

The mongodb was installed on my server remotely and protected by a firewall, so the easiest way to access it was to open an ssh tunnel. Mongoclient is supposed to manage the ssh tunnel in the application but it was not working for me, so I had to manually connect the tunnel:

ssh -L 27017:localhost:27017 -p 22 user@mongodb.server.com

Once connected it is possible to create a localhost connection with mongoclient.

 

 

How to avoid ssh session closing on inactivity

CentOS 7 has a built-in configuration that closes inactive SSH sessions. In terms of security it is a good thing, but killing a session after 1 minute of inactivity becomes a mess when you have multiple sessions open in parallel.

This can be avoided by configuring a keep-alive period on the client side. To activate such a keepalive, you just have to connect with the following command line:

ssh -o ServerAliveInterval=5 login@server.com

This configures the client to send a NULL packet every 5 seconds to keep the session open.

Install GateOne – an HTML5 ssh client

With the growing firewall constraints, accessing a server over ssh is not always a pleasant journey; I’ve read a korben post on the GateOne html5 server-side ssh client and I just got an opportunity to deploy it for a test. This post will detail how to install it and secure it a little bit.

 
