[PVE-User] ssh tunnel reverse

Luis Díaz diazluis2007 at gmail.com
Wed Nov 21 19:33:03 CET 2012

Greetings, thanks for the reply.

we have a proxy, but the proxy never bothered.
only when we need to connect to the outside.

chequie the fail2ban and apparently was not blocking anything ..

my local PC is:
the server is:

PCs and server are on the same network.
I have the server side even mine.

before attempting to use a user that is not root, always needed to make a
reverse tunnel to use administrative interface .. wonder: is this normal?
I've always used fail2ban

The only novelty here is:
* Block root access via ssh.
* Create a "user XZY" with permission to connect via ssh
* User XYZ uses "sudo" for administrative tasks

my language is Spanish (sorry)

2012/11/19 Alexandre Kouznetsov <alk at ondore.com>

> Hello.
> El 19/11/12 09:17, Luis Díaz escribió:
>> netstat -tanpu
>> http://i.minus.com/**ibawGESjmRs3xd.png<http://i.minus.com/ibawGESjmRs3xd.png>
> Great, you proxmox seems top be up ans listening on port 8006
>  root at mipc:~$ telnet 8006
>> Trying
>> Connected to
>> Escape character is '^]'.
> Even better, the port 8006 seems to be reachable from your workstation.
> (assuming is your proxmox server)
>  tunnel reverse:
>> root at mipc:/home/user1# ssh  -l 1234:
>> <> userxyz at
>> <mailto:userxyz at**>
>> Received disconnect from <>: 2: Too
>> many authentication failures for userxyz
> It seems like your fail2ban is still working. Check it's documentation for
> reference how to disable it, or at least clear your client host ban.
>  Finally, try https://xxx.xxx.xxx.xxx:8006
>> <https://xxx.xxx.xxx.xxx:8006/**> in your browser, and tell specifically
>> what error (if any) do you get. An exact quotation is important.
>> http://i.minus.com/**iCtpfuylTldqv.png<http://i.minus.com/iCtpfuylTldqv.png>
>> http://i.minus.com/**ib1LN6Rz5vCDiL.png<http://i.minus.com/ib1LN6Rz5vCDiL.png>
> Are you using a proxy server? Try disabling proxy, at leas for HTTPS.
> Have you tried any other browser? Chrome's error messages seems to be not
> too descriptive.
> Are your hosts and on the same network? What
> about host "mipc"? Is it behind a NAT, or it uses directly? I
> have seen the error you describe when more than one NAT in a row was used,
> which is a pretty wired setup.
> --
> Alexandre Kouznetsov
> ______________________________**_________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-**bin/mailman/listinfo/pve-user<http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user>

Díaz Luis
Analista Programador Facultad de Odontología UC
User Linux 532223
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.proxmox.com/pipermail/pve-user/attachments/20121121/b6f7ddfe/attachment.htm>

More information about the pve-user mailing list