Re: [UCLA-LUG] ssh via proxy?
Dear Yoshio:
Hi. You don't know me, but the Internet has caused our paths to cross.
I found a solution that can help us both when it comes to using Los
Angeles Free-Net to make remote ssh/ftp/telnet connections through
LAFN's socks proxy.
While looking for a solution, I found a post you made back in February
where you say "currently I get 'no route to host' when I try commands
telnet/ftp/ssh":
"[UCLA-LUG] ssh via proxy?"
http://www.linux.ucla.edu/pipermail/linux/2001-February/004507.html
Then I found this message (which was written by me, alas, then
forgotten about) from April on the debian-firewall list:
"Re: Using socks4-clients with proxy at L.A. Free-Net (LAFN)"
http://lists.debian.org/debian-firewall-0104/msg00031.html
All that's needed is to edit a file (refer to ``man socks.conf'').
Here's what mine looks like:
~$ cat /etc/socks.conf
# socks configuration
#direct 127.0.0.1 255.255.255.255
#direct 10.7.10.255 255.255.255.0
#sockd 0.0.0.0 0.0.0.0
#direct 0.0.0.0 0.0.0.0
sockd @=206.117.18.6 0.0.0.0 0.0.0.0 ppp0
~$
I think the solution there should work on your Red Hat 7.0 box. It
works for me on a Debian GNU/Linux (2.2r3) box. Perhaps more students
and staff at UCLA would get an account with LAFN (for just $40/year)
if they knew how to configure their GNU/Linux computer to work through
proxy servers (so far I've been able to configure "everything" to work
with LAFN).
Below is an example (commands + stderr). We can see that the
connection is established. Mr. Joost Kooij said it was going to be a
simple solution, and sure enough it was! Unfortunately I saw many
dozens of email messages and Usenet postings that had the "no route to
host" problem behind a proxy firewall, but almost none mentioned
socks.conf (the default route in /etc/socks.conf is "direct", thus the
"no route to host"). I think it's just a matter of self-education,
and educating the educators.
hope this email helped...
-------------------------------------------------------
~$ ssh -v rcymbala@marxists.org
SSH Version 1.2.27 [i686-unknown-linux], protocol version 1.5.
Standard version. Does not use RSAREF.
debian: Reading configuration data /etc/ssh-nonfree/ssh_config
debian: Applying options for *
debian: ssh_connect: getuid 1000 geteuid 0 anon 0
debian: Connecting to marxists.org [216.39.174.30] port 22.
debian: Allocated local port 1023.
debian: Connection established.
debian: Remote protocol version 1.99, remote software version OpenSSH_2.9p2
debian: Waiting for server public key.
debian: Received server public key (768 bits) and host key (1024 bits).
Host key not found from the list of known hosts.
Are you sure you want to continue connecting (yes/no)? no
~$
-------------------------------------------------------
~# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:3924 Metric:1
RX packets:22135 errors:0 dropped:0 overruns:0 frame:0
TX packets:22135 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.9.43 P-t-P:206.117.18.15 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:452 errors:1 dropped:0 overruns:0 frame:1
TX packets:426 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
~#
-------------------------------------------------------
P.S.
Command ``ssh'' comes from:
http://packages.debian.org/stable/non-us/ssh-socks.html
Regards,
--
Robert Cymbala QUEBEC CITY: ///
cymbaLa@Lafn.org Leaders of 34 Western Hemisphere nations promised
to create a hemisphere in which `no one is left
behind.' J. GERSTENZANG (LA Times), 4/23/2001
Reply to: