Re: interfaces lo:1 lo:2 lo:3? (for remote ssh tunnels)



Will Trillich wrote:

can linux have multiple 127.0.0.1 interfaces? if so, how?

I'm sure it can, but loc is for intra-host traffic - that is, I'm talking to myself.

I think you're tunneling the wrong way, you should be doing this:
summer@Dolphin:~$ ssh -L8080:127.0.0.1:80 192.168.1.252
Linux mail 2.4.18-1-686 #1 Wed Apr 14 18:20:10 UTC 2004 i686 unknown

Most of the programs included with the Debian GNU/Linux system are
freely redistributable; the exact distribution terms for each program
are described in the individual files in /usr/share/doc/*/copyright

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
You have mail.
Last login: Thu Jun 24 21:26:37 2004 from 192.168.9.114
summer@mail:~$



then your client talks to port 8080 on localhost and actually connects to port 80 on the remote host.

Note that on 192.168.1.252 the connexions come from localhost. This has implications for security (eg postgresql trusting anyone from localhost) but also can solve routing hosts: the printers, routers etc on 1.x in this example can't route to me.

The other thing to consider is a VPN. Openvpn is easy to set up - see openvpn.sf.net. In this example, the 1.x network is far far across the Internet from my 9.x LAN.

You will want the 2.0 beta, the current release wants a separate port for each client:-\ Not a lot better than an interface per client..





okay -- not sure how to word this, but here goes...

a friend of mine is working with a college to establish
remote-to-local ssh tunnels -- we've got an application that
runs on office computers that listens for a connection from the
server, so it can handle the menuing on campus. the
linux/database server says "here, run the menu" and the client
machine says "okie dokie".

we want the staff to be able to do this remotely, and tunnelling
tcp ports (remote-to-local) seems the way to go. works like a
champ, except--

	only one process can seize the server's port 9999 at a time.
	pooh.

so one client connects, tunnels server port 9999 to client's
"localhost:9999". fine and dandy.

then the next tries connecting, and when hooking up to the
server, the server's ssh daemon can't seize port 9999 as it's
already locked down by the first user.

if there were a way to have more than one "localhost" interface,
it would be the way around this. what's needed to implement
something like that? (lo:1 lo:2 etc?)



--

Cheers
John
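
The remark in the reply above that forwarded connections arrive "from localhost" on the far host, shown as an added example (not part of the original post). It assumes Linux, where every address in 127.0.0.0/8 is already on lo; the forwarder is a simplified stand-in for the sshd end of a tunnel, and 127.0.0.2 plays the client.

```python
import socket
import threading

def _serve(handler):
    """Listen on 127.0.0.1 (ephemeral port); run handler(conn, addr) per connection."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen()
    def loop():
        while True:
            conn, addr = srv.accept()
            with conn:
                handler(conn, addr)
    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]

def start_service():
    """Stand-in for the remote service (port 80, postgresql, ...):
    replies with the source IP it sees for each connection."""
    return _serve(lambda conn, addr: conn.sendall(addr[0].encode()))

def start_forwarder(target_port):
    """Stand-in for the sshd end of `ssh -L`: every accepted connection
    becomes a NEW connection to the service, opened from this host."""
    def relay(conn, _addr):
        with socket.create_connection(("127.0.0.1", target_port), timeout=5) as out:
            conn.sendall(out.recv(64))  # relay the reply only; enough for the demo
    return _serve(relay)

def seen_source(port, client_ip):
    """Connect from client_ip and return the source IP the service reported."""
    with socket.create_connection(("127.0.0.1", port), timeout=5,
                                  source_address=(client_ip, 0)) as c:
        return c.recv(64).decode()

if __name__ == "__main__":
    service = start_service()
    tunnel = start_forwarder(service)
    # 127.0.0.2 plays the client; no lo:1 alias is needed to use it on Linux.
    print("direct :", seen_source(service, "127.0.0.2"))
    print("tunnel :", seen_source(tunnel, "127.0.0.2"))
```

A service that grants trust by source address sees the forwarder's address, not the client's, so it cannot tell tunnel users apart from local processes.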
