User Tools
jrodos:ssh_go_through_firewall_by_blocked_port_22
Differences
This shows you the differences between two versions of the page.
| — |
jrodos:ssh_go_through_firewall_by_blocked_port_22 [2015/05/08 10:49] (current) yu created |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | **Requirement**: SSH connection from Client to Server should work.(Client has only port 80 and 443 open, Server has port 80, 443 and 22 open) | ||
| + | |||
| + | **Server**: Ubuntu | ||
| + | **Client**: Ubuntu or Windows | ||
| + | |||
| + | **Solution 1: Let SSH Server listen on a new port 443** | ||
| + | |||
| + | This Solution works for both type of Client, i.e, it works for Ubuntu and Windows. | ||
| + | |||
| + | __On Server:__ | ||
| + | |||
| + | $ sudo nano /etc/ssh/sshd_config | ||
| + | |||
| + | Change | ||
| + | Port 22 | ||
| + | to | ||
| + | Port 443 | ||
| + | |||
| + | __On Client:__ | ||
| + | |||
| + | ssh -p 443 username_on_Server@IP_of_Server | ||
| + | |||
| + | sftp -P 443 username_on_Server@IP_of_Server | ||
| + | |||
| + | **Solution 2**: Use httptunnel | ||
| + | |||
| + | 1. This solution works only for ubuntu client. It doesn't work on windows client. | ||
| + | |||
| + | 2. Download "HTTPTunnel_v1.2.1_platformindependent.tgz" from http://sourceforge.net/projects/http-tunnel/files/http-tunnel/HTTPTunnel%20v1.2.1/ to Client and Server. | ||
| + | |||
| + | 3. Install HTTPTunnel on Client and Server. | ||
| + | $tar -xvzf HTTPTunnel_v1.2.1_platformindependent.tgz | ||
| + | $cd HTTPTunnel_v1.2.1 | ||
| + | $cp -R common perl | ||
| + | $cd perl | ||
| + | |||
| + | 4. Start HTTPTunnel on Client | ||
| + | $perl httptunnel_client.pl | ||
| + | |||
| + | 5. Start HTTPTunnel on Server | ||
| + | $perl httptunnel_server.pl | ||
| + | |||
| + | 6. On Client, open browser to URL http://localhost:1079 | ||
| + | |||
| + | 7. Config Client http://localhost:1079 | ||
| + | On Tab "Tunnel Client", modify the "Portmapping Proxy" with following parameter: | ||
| + | Map port: 10022 | ||
| + | to port: 22 | ||
| + | on server: IP_of_Server | ||
| + | Make sure that port 10022 is unused: command "$sudo lsof -i :10022" must list nothing | ||
| + | Otherwise set another value to "Map port" greater than 1024 | ||
| + | |||
| + | 8. On Server, open browser to URL http://localhost | ||
| + | Make sure, that port 80 is unused. Otherwise stop the process which use port 80. | ||
| + | "$sudo lsof -i :80" | ||
| + | "$sudo kill pid_number" | ||
| + | |||
| + | 9. On Client, use following command to connect Server: | ||
| + | $ssh -p 10022 username_in_Server@localhost | ||
| + | |||
| + | 10. On Client, also FileZilla works with following Setting: | ||
| + | Host: localhost | ||
| + | Port: 10022 | ||
| + | Protocol: SFTP-SSH File Transfer Protocol | ||
| + | Logon Type: Ask for password | ||
| + | user: username in Server | ||
| + | |||
| + | If you want the connection be encrypted, please install Crypt::OpenSSL::RSA and Mcrypt for perl on Ubuntu: | ||
| + | |||
| + | 11. upgrade and update | ||
| + | $sudo apt-get upgrade | ||
| + | $sudo apt-get update | ||
| + | |||
| + | 12. Install perl modus Crypt::OpenSSL::RSA | ||
| + | |||
| + | $sudo apt-get install libssl-dev | ||
| + | $sudo perl -MCPAN -e 'install Crypt::OpenSSL::RSA' | ||
| + | |||
| + | 13. Prepare for installing perl modus Mcrypt | ||
| + | |||
| + | $sudo apt-get install synaptic | ||
| + | $sudo synaptic | ||
| + | |||
| + | install following packages from synaptic: | ||
| + | |||
| + | libyaml-libyaml-perl | ||
| + | libyaml-perl | ||
| + | libmcrypt-dev | ||
| + | |||
| + | 14. Create syslink for libltdl.so | ||
| + | sudo ln -s /usr/lib/x86_64-linux-gnu/libltdl.so.7 /usr/lib/x86_64-linux-gnu/libltdl.so | ||
| + | |||
| + | 15. Install Mcrypt | ||
| + | $sudo perl -MCPAN -e 'install Mcrypt' | ||
| + | |||
| + | 16. Start server again, Warning about Encryption is not shown anymore. | ||
| + | $perl httptunnel_server.pl | ||
jrodos/ssh_go_through_firewall_by_blocked_port_22.txt ยท Last modified: 2015/05/08 10:49 by yu
Page Tools
