jrodos:ssh_go_through_firewall_by_blocked_port_22

Differences

This shows you the differences between two versions of the page.

jrodos:ssh_go_through_firewall_by_blocked_port_22 [2015/05/08 10:49] (current)
yu created
Line 1: Line 1:
  
 +**Requirement**:​ SSH connection from Client to Server should work.(Client has only port 80 and 443 open, Server has port 80, 443 and 22 open)
 +
 +**Server**: Ubuntu
 +**Client**: Ubuntu or Windows
 +
 +**Solution 1: Let SSH Server listen on a new port 443**
 +
 +This Solution works for both type of Client, i.e, it works for Ubuntu and Windows.
 +
 +__On Server:__
 +
 +$ sudo nano /​etc/​ssh/​sshd_config
 +
 +Change ​
 +Port 22
 +to
 +Port 443
 +
 +__On Client:__
 +
 +ssh -p 443 username_on_Server@IP_of_Server ​
 +
 +sftp -P 443 username_on_Server@IP_of_Server
 +
 +**Solution 2**: Use httptunnel
 +
 +1. This solution works only for ubuntu client. It doesn'​t work on windows client.
 +
 +2. Download "​HTTPTunnel_v1.2.1_platformindependent.tgz"​ from http://​sourceforge.net/​projects/​http-tunnel/​files/​http-tunnel/​HTTPTunnel%20v1.2.1/​ to Client and Server.
 +
 +3. Install HTTPTunnel on Client and Server.
 +$tar -xvzf HTTPTunnel_v1.2.1_platformindependent.tgz
 +$cd HTTPTunnel_v1.2.1
 +$cp -R common perl
 +$cd perl
 +
 +4. Start HTTPTunnel on Client
 +$perl httptunnel_client.pl
 +
 +5. Start HTTPTunnel on Server
 +$perl httptunnel_server.pl
 +
 +6. On Client, open browser to URL http://​localhost:​1079
 +
 +7. Config Client ​ http://​localhost:​1079
 +  On Tab "​Tunnel Client",​ modify the "​Portmapping Proxy" with following parameter:
 +   Map port: 10022
 +   to port: 22
 +   on server: IP_of_Server
 +  Make sure that port 10022 is unused: command "$sudo lsof -i :​10022"​ must list nothing
 +  Otherwise set another value to "Map port" greater than 1024
 +
 +8. On Server, open browser to URL http://​localhost
 +    Make sure, that port 80 is unused. Otherwise stop the process which use port 80.
 +    "$sudo lsof -i :​80" ​
 +    "$sudo kill pid_number"​
 +
 +9. On Client, use following command to connect Server:
 +    $ssh -p 10022 username_in_Server@localhost
 +
 +10. On Client, also FileZilla works with following Setting:
 +     Host: localhost
 +     Port: 10022
 +     ​Protocol:​ SFTP-SSH File Transfer Protocol
 +     Logon Type: Ask for password
 +     user: username in Server
 +
 +If you want the connection be encrypted, please install Crypt::​OpenSSL::​RSA and Mcrypt for perl on Ubuntu:
 +
 +11. upgrade and update
 +$sudo apt-get upgrade
 +$sudo apt-get update
 +
 +12. Install perl modus Crypt::​OpenSSL::​RSA
 +
 +$sudo apt-get install libssl-dev
 +$sudo perl -MCPAN -e '​install Crypt::​OpenSSL::​RSA'​
 +
 +13. Prepare for installing perl modus Mcrypt
 +
 +$sudo apt-get install synaptic
 +$sudo synaptic
 +
 +install following packages from synaptic:
 +
 +libyaml-libyaml-perl
 +libyaml-perl
 +libmcrypt-dev
 +
 +14. Create syslink for libltdl.so
 +sudo ln -s /​usr/​lib/​x86_64-linux-gnu/​libltdl.so.7 /​usr/​lib/​x86_64-linux-gnu/​libltdl.so
 +
 +15. Install Mcrypt
 +$sudo perl -MCPAN -e '​install Mcrypt'​
 +
 +16. Start server again, Warning about Encryption is not shown anymore.
 +$perl httptunnel_server.pl
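Review bot: Step 11 runs "sudo apt-get upgrade" before "sudo apt-get update", so the upgrade works from stale package lists; swap the two so that update runs first. In Solution 1, the edit to /etc/ssh/sshd_config has no follow-up step to restart the SSH service, so the change from Port 22 to Port 443 does not take effect as written; add that step. Since the Requirement says port 22 is open on the Server, consider adding "Port 443" as a second Port line instead of replacing "Port 22" (sshd accepts several Port lines), so existing access on 22 survives if 443 turns out to be occupied. The note before step 11 should also say what is and is not protected without Crypt::OpenSSL::RSA and Mcrypt: the SSH session carried inside the tunnel is still encrypted by SSH itself, and the optional modules only add encryption to the HTTP tunnel layer. Minor wording: "perl modus" in steps 12 and 13 should read "Perl module", and "syslink" in step 14 should read "symlink".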
jrodos/ssh_go_through_firewall_by_blocked_port_22.txt · Last modified: 2015/05/08 10:49 by yu