 |
 |
Server admin apps that don't work through SSH tunnel
|
|
|
|
|
Forum Regular
Join Date: Nov 1999
Status:
Offline
|
|
I am able to establish a secure connection to my server with the server settings application and can copy files via afp securely as well. I am not however, able to connect with the server monitor application or the workgroup manager when I create an SSH tunnel. For the workgroup manager tunnel I use ssh -L 10625:127.0.0.1:625 my.server.com and for the server monitor tunnel I use ssh -L 10311:127.0.0.1:311 my.server.com . What am I doing wrong? Why would the server settings work just fine but the server monitor workgroup manager and server status applications do not? I have also tried using Vapor but the results are the same as they are when I create the tunnels via the command line.
(Last edited by uochris; Jun 12, 2003 at 12:43 AM.
)
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: May 1999
Location: San Jose, CA
Status:
Offline
|
|
I think this may be a bug in Server Monitor.
Indeed, the ssh tunnel works if you tunnel -L 311:localhost:311 (i.e. use the same port number), but if you use a different port number you don't connect, even if you put localhost:10311 in the server monitor setup.
Since it does work if you keep the same port number, this means you can tunnel one machine securely, but only one.
|
|
Gods don't kill people - people with Gods kill people.
|
| |
|
|
|
|
|
|
|
Forum Regular
Join Date: Nov 1999
Status:
Offline
|
|
I am able to establish a secure VNC session through an SSH tunnel so perhaps I'll run a VNC server but only allow connections via SSH. I figure I can still have access to the server admin apps but I only need to have port 22, 25 and 110 accessible from the outside network.
|
|
|
| |
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Sep 2002
Location: Sydney, Australia
Status:
Offline
|
|
to use workgroup manager via ssh, you need to forward more than 311 (i believe that workgroup manager connects on multiple ports...at least that was the conclusion i came to when i was setting this up a couple of months ago)
i have a script which forwards 625, 311, 660 and 687, but i don't remember which ports are for which app.
of course, your vnc connection will work as well.
|
|
|
| |
|
|
|
|
|
|
|
Forum Regular
Join Date: Nov 1999
Status:
Offline
|
|
Originally posted by samthecat:
to use workgroup manager via ssh, you need to forward more than 311 (i believe that workgroup manager connects on multiple ports...at least that was the conclusion i came to when i was setting this up a couple of months ago)
i have a script which forwards 625, 311, 660 and 687, but i don't remember which ports are for which app.
of course, your vnc connection will work as well.
So then how do you specify the connection address in the server status address box? Do you forward port 311 to port 311 on your machine or do you forward it to something like 10311? I noticed that it says that only root can forward privileged ports so I assume you could do a sudo ssh command. What do you type in to the address field to connect to the server status application? Now I'm just curious about how to get it to work.
|
|
|
| |
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Sep 2002
Location: Sydney, Australia
Status:
Offline
|
|
yup, only root can forward ports below 1024, so i do have a sudo in front of the ssh.
when i run the script, i get to put my password in (at the sudo prompt) and the root password (of the foreign machine) for each of the forwards.
i always put "localhost" in the address field of applications, with my normal username and password to get past that.
hope this helps.
cheers
|
|
|
| |
|
|
|
|
|
|
|
| |
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
