So, I’m sat at home, having finished work last night, running Fruity Single handedly (the other tech broke his elbow before coming to work, and got sent to A&E bout 1am).
And then sleeping, (hmm sleep)
I find the need to connect to my FreeBSD VM, which is running on my Vista Laptop, which is in the LSRfm.com Office.
Its worth noting that the FreeBSD VM is running its networking as a NAT, so has its own IP address, so the Vista Laptop as a machine has two IP’s.
Standard SSH Tunnelling for the win!
ssh -p <open external port> -f bcarlyon@<lsr office domain> -L 1313:<internal IP of the VM>:22 -N && ssh -p 1313 bcarlyon@127.0.0.1 && kill `ps aux | grep <lsr office domain> | grep -v grep | awk ‘{print $2}’`
Breaking the command down.
Open the tunnel to the office (I like using 1313 and upwards for local ports, 13 is my lucky number).
-p specifys a port, as @katie_server, the machine I am SSH-ing to initally is port forwarded from the LSRfm.com Firewall.
-L sets up the local port
-N executes no command and puts that SSH session into the background.
Then open a ssh session thru that local port
When I exit the SSH session, the grep command kills the Tunnel, but only ssh commands for the lsr office domain.
grep -v grep makes sure that the grep command is exculced from being killed.
I discovered that the awk ‘{print $2}’ was outputting all the matches and thus kill killed them all which is a bonus, see next.
So I decided to setup Foxy Proxy on Firefox, so that I can route all my network traffic that match a lsr office computer, in this case http://192.168.0.*
So my Firefox now uses normal Internet unless accessing a LSRLocal Ip Address, at which points it routes it thru the socks proxy.
That socks proxy being a SSH tunnel to LSR office:
ssh – p <external port> -f bcarlyon@<lsr office domain> -D 1314 -C -N
-D sets up a dynamic, routes all traffic that goes thru 1314 to its relevant port on the outside or internal internet.
So if I wasn’t using FoxyProxy patterns and was routing all my network traffic in Firefox thru the Socks Proxy, then I can access the whole of the internet thru the tunnel, rather than use -L for a local/specific computer.
-D can be used with PuTTY, say if you wanted to listen to Pandora in the UK and happen to have SSH access to a server in america, or if you wanted to use IRN, which is IP Locked, in LSRfm.com’s case to the LSR office.
So now by alias-ed command for my mac, called freebsdvmnet reads:
ssh -p <ext. port> -f bcarlyon@<lsr dom> -L 1313:<VM IP>:22 -N &&
ssh -p <ext. port> -f bcarlyon@<lsr dom> -D 1314 -C -N &&
ssh -p <ext. port> -f bcarlyon@<lsr dom> -L 1315:<VM IP>:80 -N &&
ssh -p 1313 bcarlyon@127.0.0.1 && kill `ps aux | grep <lsr dom> | grep -v grep | awk ‘{print $2}’`
So,
Open ssh tunnel, to LSRfm.com, thru Katie, into FreeBSDvm (running on Vista Top (Hannah).
Open ssh tunnel for internet access
Open specific Tunnel for FreeBSDvm
Open SSH session thru tunnel to FreeBSDvm
KIll it all, when I exit the SSH session thru the Tunnel.
Given my FoxyProxy setup, the Specific Port 80 Tunnel to the FreeBSDvm is not needed. (I discovered FoxyProxy Patten Matching after writing the command).
So after all this I thought about connecting to the LSR File Server (lsr-fs) thru the tunnel. Initially trying a standard SSH tunnel on port 139, I find that smb://localhost:port/share/ the use of localhost is disabled in current OSX.
Brief Google Later: http://blog.newsyland.com/mac-os-x/leopard-broke-smb-tunneling
Choices Choices.
sudo ifconfig lo0 alias 127.0.0.2 up
Seems easiest, but I find myself using, the main instructions.
Create a ssh tunnel overwriting port 139, then smb://localhost works fine, (but seriously why disable the localhost loop back in the first place)
sudo ssh -p <Ext IP> -f bcarlyon@<lsr dom> -L 139:127.0.0.1:139 -N
The Blog Advises routing 445 too.
Both are privileged ports so need Sudo.
So some terminal use as directed by Newsyland Blog = Win
So that is what I’ve done this morning, some ssh fun and accessing the File Server as if I was in the office.
Next to see if it works on Windows, this is gonna be useful for general use, (and stopping my Apache server needing .htaccess Rules to stop people accessing it) and for Student Radio External Broadcasts!
AND YES I STILL NEED TO FIX MY BLOG STYLE!!!!