This shows you the differences between two versions of the page.
— |
jrodos:ssh_go_through_firewall_by_blocked_port_22 [2015/05/08 10:49] (current) yu created |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | **Requirement**: SSH connection from Client to Server should work.(Client has only port 80 and 443 open, Server has port 80, 443 and 22 open) | ||
+ | |||
+ | **Server**: Ubuntu | ||
+ | **Client**: Ubuntu or Windows | ||
+ | |||
+ | **Solution 1: Let SSH Server listen on a new port 443** | ||
+ | |||
+ | This Solution works for both type of Client, i.e, it works for Ubuntu and Windows. | ||
+ | |||
+ | __On Server:__ | ||
+ | |||
+ | $ sudo nano /etc/ssh/sshd_config | ||
+ | |||
+ | Change | ||
+ | Port 22 | ||
+ | to | ||
+ | Port 443 | ||
+ | |||
+ | __On Client:__ | ||
+ | |||
+ | ssh -p 443 username_on_Server@IP_of_Server | ||
+ | |||
+ | sftp -P 443 username_on_Server@IP_of_Server | ||
+ | |||
+ | **Solution 2**: Use httptunnel | ||
+ | |||
+ | 1. This solution works only for ubuntu client. It doesn't work on windows client. | ||
+ | |||
+ | 2. Download "HTTPTunnel_v1.2.1_platformindependent.tgz" from http://sourceforge.net/projects/http-tunnel/files/http-tunnel/HTTPTunnel%20v1.2.1/ to Client and Server. | ||
+ | |||
+ | 3. Install HTTPTunnel on Client and Server. | ||
+ | $tar -xvzf HTTPTunnel_v1.2.1_platformindependent.tgz | ||
+ | $cd HTTPTunnel_v1.2.1 | ||
+ | $cp -R common perl | ||
+ | $cd perl | ||
+ | |||
+ | 4. Start HTTPTunnel on Client | ||
+ | $perl httptunnel_client.pl | ||
+ | |||
+ | 5. Start HTTPTunnel on Server | ||
+ | $perl httptunnel_server.pl | ||
+ | |||
+ | 6. On Client, open browser to URL http://localhost:1079 | ||
+ | |||
+ | 7. Config Client http://localhost:1079 | ||
+ | On Tab "Tunnel Client", modify the "Portmapping Proxy" with following parameter: | ||
+ | Map port: 10022 | ||
+ | to port: 22 | ||
+ | on server: IP_of_Server | ||
+ | Make sure that port 10022 is unused: command "$sudo lsof -i :10022" must list nothing | ||
+ | Otherwise set another value to "Map port" greater than 1024 | ||
+ | |||
+ | 8. On Server, open browser to URL http://localhost | ||
+ | Make sure, that port 80 is unused. Otherwise stop the process which use port 80. | ||
+ | "$sudo lsof -i :80" | ||
+ | "$sudo kill pid_number" | ||
+ | |||
+ | 9. On Client, use following command to connect Server: | ||
+ | $ssh -p 10022 username_in_Server@localhost | ||
+ | |||
+ | 10. On Client, also FileZilla works with following Setting: | ||
+ | Host: localhost | ||
+ | Port: 10022 | ||
+ | Protocol: SFTP-SSH File Transfer Protocol | ||
+ | Logon Type: Ask for password | ||
+ | user: username in Server | ||
+ | |||
+ | If you want the connection be encrypted, please install Crypt::OpenSSL::RSA and Mcrypt for perl on Ubuntu: | ||
+ | |||
+ | 11. upgrade and update | ||
+ | $sudo apt-get upgrade | ||
+ | $sudo apt-get update | ||
+ | |||
+ | 12. Install perl modus Crypt::OpenSSL::RSA | ||
+ | |||
+ | $sudo apt-get install libssl-dev | ||
+ | $sudo perl -MCPAN -e 'install Crypt::OpenSSL::RSA' | ||
+ | |||
+ | 13. Prepare for installing perl modus Mcrypt | ||
+ | |||
+ | $sudo apt-get install synaptic | ||
+ | $sudo synaptic | ||
+ | |||
+ | install following packages from synaptic: | ||
+ | |||
+ | libyaml-libyaml-perl | ||
+ | libyaml-perl | ||
+ | libmcrypt-dev | ||
+ | |||
+ | 14. Create syslink for libltdl.so | ||
+ | sudo ln -s /usr/lib/x86_64-linux-gnu/libltdl.so.7 /usr/lib/x86_64-linux-gnu/libltdl.so | ||
+ | |||
+ | 15. Install Mcrypt | ||
+ | $sudo perl -MCPAN -e 'install Mcrypt' | ||
+ | |||
+ | 16. Start server again, Warning about Encryption is not shown anymore. | ||
+ | $perl httptunnel_server.pl |
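Review bot: Step 11 runs "sudo apt-get upgrade" before "sudo apt-get update", so the upgrade works from a stale package index; swap the two lines so that "update" comes first. In Solution 1, the edit to /etc/ssh/sshd_config is not followed by a restart of the SSH service, so "Port 443" does not take effect as written; add that step. Also consider adding "Port 443" as a second Port line rather than replacing "Port 22" (sshd accepts several Port lines), so access on 22 from other hosts is kept, and note that 443 must not already be in use by a web server on the Server. In step 8, "sudo kill pid_number" on whatever holds port 80 will usually hit a web server that its service manager restarts; say to stop that service instead. Finally, the sentence before step 11 implies the tunnel runs unencrypted through step 10; it is worth stating that the SSH session inside it is still encrypted end to end, so readers know what the optional Crypt::OpenSSL::RSA and Mcrypt setup adds.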