Hi, I have changed the names of the machines to protect the innocent, as they say. localMachineInsidefirewall is a Red Hat 9 Intel box, and remoteMachineOutsideFirewall is a Solaris machine.

On Sat, 2003-11-01 at 07:46, David Woodhouse wrote:
> On Wed, 2003-10-29 at 17:13 -0800, Mike Godfrey wrote:
> > If I run this:
> >     ssh -L 5143:external.server.net:993 external.server.net
> > then I get a normal telnet-like ssh connection. Is this what I want?
> > Is this connection secretly doing port redirection while I read news,
> > use vi, etc?
>
> It _should_ be, certainly. In another terminal, what happens if you run
> 'telnet localhost 5143'?

It says

> insideFirewallMachine% telnet localhost 5143
> Trying 127.0.0.1...
> Connected to localhost.localdomain (127.0.0.1).
> Escape character is '^]'.

and then it just hangs.

> If that doesn't succeed, show the output of the same ssh command with
> '-v' added. It's possible that port forwarding has been disabled,
> although I'd have expected a warning message from your ssh client in
> that case.

I enclose such a log below

> > If I tell evolution to connect to localhost:5143, evolution says that
> > the local host is refusing connections to port 5143 (I am a newbie at
> > this port/networking stuff).
>
> Odd. As long as you are currently logged in to 'external.server.net'
> from the machine on which Evolution is running, with the above command
> line, this should have worked.
>
> I generally can't be bothered to start the SSH connections manually.
> It's not something that session management can handle for me, and I tend
> to reuse the terminals which are lying around and log out, taking the
> tunnels with them.... that's why I prefer to let Evolution run SSH for
> itself.

How do you set up Evolution to run SSH for itself ??

Many thanks for the advice.

Here is the log:

> Script started on Mon 03 Nov 2003 10:07:52 AM PST
> insideFireWall(1): ssh -L 5143:remoteMachineOutsideFirewall:993 remoteMachineOutsideFirewall
>
> OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
> debug1: Reading configuration data /home/migod/.ssh/config
> debug1: Applying options for *uwaterloo.ca
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Rhosts Authentication disabled, originating port will not be trusted.
> debug1: ssh_connect: needpriv 0
> debug1: Executing proxy command: exec sconnect -H wcmpka.eng.sun.com:8080 remoteMachineOutsideFirewall 22
> debug1: identity file /home/migod/.ssh/identity type -1
> debug1: identity file /home/migod/.ssh/id_rsa type -1
> debug1: identity file /home/migod/.ssh/id_dsa type 2
> debug1: Remote protocol version 1.99, remote software version OpenSSH_3.6.1p2
> debug1: match: OpenSSH_3.6.1p2 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_3.5p1
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: dh_gen_key: priv key bits set: 122/256
> debug1: bits set: 1611/3191
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host 'remoteMachineOutsideFirewall' is known and matches the RSA host key.
> debug1: Found key in /home/migod/.ssh/known_hosts:2
> debug1: bits set: 1579/3191
> debug1: ssh_rsa_verify: signature correct
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: waiting for SSH2_MSG_NEWKEYS
> debug1: newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: done: ssh_kex2.
> debug1: send SSH2_MSG_SERVICE_REQUEST
> debug1: service_accept: ssh-userauth
> debug1: got SSH2_MSG_SERVICE_ACCEPT
> debug1: authentications that can continue: publickey,password,keyboard-interactive,hostbased
> debug1: next auth method to try is publickey
> debug1: try privkey: /home/migod/.ssh/identity
> debug1: try privkey: /home/migod/.ssh/id_rsa
> debug1: try pubkey: /home/migod/.ssh/id_dsa
> debug1: input_userauth_pk_ok: pkalg ssh-dss blen 435 lastkey 0x808ba90 hint 2
> debug1: read PEM private key done: type DSA
> debug1: ssh-userauth2 successful: method publickey
> debug1: Connections to local port 5143 forwarded to remote address remoteMachineOutsideFirewall:993
> socket: Address family not supported by protocol
> debug1: Local forwarding listening on 127.0.0.1 port 5143.
> debug1: fd 3 setting O_NONBLOCK
> debug1: channel 0: new [port listener]
> debug1: channel 1: new [client-session]
> debug1: send channel open 1
> debug1: Entering interactive session.
> debug1: ssh_session2_setup: id 1
> debug1: channel request 1: pty-req
> debug1: Requesting X11 forwarding with authentication spoofing.
> debug1: channel request 1: x11-req
> debug1: channel request 1: shell
> debug1: channel 1: open confirm rwindow 0 rmax 32768
> Last login: Mon Nov 3 13:04:31 2003 from nwkea-http-2.su
> Sun Microsystems Inc. SunOS 5.8 Generic Patch October 2001
>
> Tue Oct 21 07:48
> Terminal type is xterm
> remoteMachineOutsideFirewall(1):
>
> debug1: Connection to port 5143 forwarding to remoteMachineOutsideFirewall port 993 requested.
> debug1: fd 9 setting TCP_NODELAY
> debug1: fd 9 setting O_NONBLOCK
> debug1: channel 2: new [direct-tcpip]
> debug1: channel 2: open confirm rwindow 131072 rmax 32768
> exit
> debug1: channel 1: rcvd eof
> debug1: channel 1: output open -> drain
> debug1: client_input_channel_req: channel 1 rtype exit-status reply 0
> debug1: channel 1: rcvd close
> debug1: channel 1: close_read
> debug1: channel 1: input open -> closed
> logout
> debug1: channel 1: obuf empty
> debug1: channel 1: close_write
> debug1: channel 1: output drain -> closed
> debug1: channel 1: almost dead
> debug1: channel 1: gc: notify user
> debug1: channel 1: gc: user detached
> debug1: channel 1: send close
> debug1: channel 1: is dead
> debug1: channel 1: garbage collecting
> debug1: channel_free: channel 1: client-session, nchannels 3
>
> debug1: channel 2: rcvd eof
> debug1: channel 2: output open -> drain
> debug1: channel 2: obuf empty
> debug1: channel 2: close_write
> debug1: channel 2: output drain -> closed
> debug1: channel 2: read<=0 rfd 9 len 0
> debug1: channel 2: read failed
> debug1: channel 2: close_read
> debug1: channel 2: input open -> drain
> debug1: channel 2: ibuf empty
> debug1: channel 2: send eof
> debug1: channel 2: input drain -> closed
> debug1: channel 2: send close
> debug1: channel 2: rcvd close
> debug1: channel 2: is dead
> debug1: channel 2: garbage collecting
> debug1: channel_free: channel 2: direct-tcpip: listening port 5143 for remoteMachineOutsideFirewall port 993, connect from 127.0.0.1 port 48096, nchannels 2
> debug1: channel_free: channel 0: port listener, nchannels 1
> Connection to remoteMachineOutsideFirewall closed.
> debug1: Transferred: stdin 0, stdout 0, stderr 40 bytes in 25.6 seconds
> debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 1.6
> debug1: Exit status 0
> insideFireWall(2):
> insideFireWall(2): exit
>
> Script done on Mon 03 Nov 2003 10:08:34 AM PST

-- 
Michael W. Godfrey
Univ of Waterloo, School of Comp Sci
email: [EMAIL PROTECTED]
URL: http://www.uwaterloo.ca/~migod
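
Added example, not part of the original message: a Python reader for `ssh -v` output of the kind pasted above, reporting how far a connection through the `-L` forward got. The sample lines are constructed from that log's format, and the function names and state labels are this example's own; an `open confirm` on a `direct-tcpip` channel means the remote sshd connected to the target port.

```python
import re

# Constructed sample in the format of the `ssh -v` log above (mail quoting kept).
SAMPLE = """\
> debug1: Local forwarding listening on 127.0.0.1 port 5143.
> debug1: channel 0: new [port listener]
> debug1: channel 1: new [client-session]
> debug1: channel 1: open confirm rwindow 0 rmax 32768
> debug1: Connection to port 5143 forwarding to remoteMachineOutsideFirewall port 993 requested.
> debug1: channel 2: new [direct-tcpip]
> debug1: channel 2: open confirm rwindow 131072 rmax 32768
> debug1: channel 2: rcvd eof
"""

LISTEN = re.compile(r"Local forwarding listening on (\S+) port (\d+)")
REQUEST = re.compile(r"Connection to port (\d+) forwarding to (\S+) port (\d+) requested")
CHANNEL = re.compile(r"channel (\d+): (new \[direct-tcpip\]|open confirm|open failed|rcvd eof)")

def parse_forwarding(log_text):
    """Collect listeners, forward requests and events of direct-tcpip channels."""
    listeners, requests, channels = [], [], {}
    for raw in log_text.splitlines():
        line = raw.lstrip("> ")                      # tolerate mail-quoted logs
        if m := LISTEN.search(line):
            listeners.append((m.group(1), int(m.group(2))))
        elif m := REQUEST.search(line):
            requests.append((int(m.group(1)), m.group(2), int(m.group(3))))
        elif m := CHANNEL.search(line):
            cid, event = int(m.group(1)), m.group(2)
            if event.startswith("new"):
                channels[cid] = []                   # track forwarded channels only
            elif cid in channels:
                channels[cid].append(event)
    return listeners, requests, channels

def diagnose(log_text):
    """Classify how far a forwarded connection got."""
    listeners, requests, channels = parse_forwarding(log_text)
    if not listeners:
        return "no-listener"            # forwarding disabled or bind failed
    if not requests:
        return "listener-unused"        # nothing connected to the local port
    events = [e for evs in channels.values() for e in evs]
    if "open confirm" in events:
        return "target-connected"       # remote sshd reached host:port
    if "open failed" in events:
        return "target-refused"
    return "pending"

if __name__ == "__main__":
    print(diagnose(SAMPLE))
```

Port 993 is IMAP over TLS, so a service behind the forward sends nothing until the client starts a TLS handshake. `openssl s_client -connect localhost:5143` is a check that speaks first.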
