idiot's guide to druby using ssh tunnels

[Ara.T.Howard]

i'm in need of one ;-)

the situation i'm in is that i'd like to write a drb app, but ssh is the only
way into any of our machines...

-a
--
===============================================================================
| EMAIL :: Ara [dot] T [dot] Howard [at] noaa [dot] gov
| PHONE :: 303.497.6469
| ADDRESS :: E/GC2 325 Broadway, Boulder, CO 80305-3328
| URL :: http://www.ngdc.noaa.gov/stp/
| TRY :: for l in ruby perl;do $l -e "print \"\x3a\x2d\x29\x0a\"";done
===============================================================================

 

[Hal Fulton]

i'm in need of one ;-)

the situation i'm in is that i'd like to write a drb app, but ssh is the only
way into any of our machines...

Hmm, I think Nathaniel Talbott is one of our resident experts
in that.

Nathaniel??


Hal

 

[Steven Jenkins]

i'm in need of one ;-)

the situation i'm in is that i'd like to write a drb app, but ssh is the only
way into any of our machines...

It's really easy. To illustrate, I have a Webrick example date server
running on a nearby machine:

$ telnet tidal 2000
Trying 192.168.1.11...
Connected to tidal.
Escape character is '^]'.
Tue Apr 20 22:29:57 PDT 2004
Connection closed by foreign host.

Now suppose that all incoming ports on that system are blocked except
ssh. Then on the local machine I execute

$ ssh -L 3000:localhost:2000 tidal

This says to set up a local port 3000 (can be anything) which tunnels
via ssh to 'localhost:2000' on the machine 'tidal'. That is, the
'localhost' is relative to 'tidal'. Then I can say

$ telnet localhost 3000
Trying 127.0.0.1...
Connected to steven.
Escape character is '^]'.
Tue Apr 20 22:35:46 PDT 2004
Connection closed by foreign host.

where here 'localhost' means my local machine, not 'tidal'.

That's the gist of it. There are other options, but this will get you
in. I use this every day to get to my NAT'ed IMAP server at home from
work, or wherever I happen to be.

Steve

 

[Nathaniel Talbott]

Hmm, I think Nathaniel Talbott is one of our resident experts
in that.

Close, but not exactly... I secured a DRb connection using SSL, but
that won't allow one to access a box using SSH.


Nathaniel
Terralien, Inc.

<(><

 

[Charles Comstock]

Close, but not exactly... I secured a DRb connection using SSL, but that
won't allow one to access a box using SSH.


Nathaniel
Terralien, Inc.

<(><

Yeah but if you can ssh you can portforward so even though it doesn't
look like your connecting on other ports from the outside you still can,
so it ammounts to the same. I would like to know how to do it
automatically with SSL though when the ports to the outside are open.

Charlie