[PVE-User] ssh tunnel reverse
diazluis2007 at gmail.com
Wed Nov 21 19:33:03 CET 2012
Greetings, thanks for the reply.
we have a proxy, but the proxy never bothered.
only when we need to connect to the outside.
chequie the fail2ban and apparently was not blocking anything ..
my local PC is: 126.96.36.199
the server is: 188.8.131.52
PCs and server are on the same network.
I have the server side even mine.
before attempting to use a user that is not root, always needed to make a
reverse tunnel to use administrative interface .. wonder: is this normal?
I've always used fail2ban
The only novelty here is:
* Block root access via ssh.
* Create a "user XZY" with permission to connect via ssh
* User XYZ uses "sudo" for administrative tasks
my language is Spanish (sorry)
2012/11/19 Alexandre Kouznetsov <alk at ondore.com>
> El 19/11/12 09:17, Luis Díaz escribió:
>> netstat -tanpu
> Great, you proxmox seems top be up ans listening on port 8006
> root at mipc:~$ telnet 184.108.40.206 8006
>> Trying 220.127.116.11...
>> Connected to 18.104.22.168.
>> Escape character is '^]'.
> Even better, the port 8006 seems to be reachable from your workstation.
> (assuming 22.214.171.124 is your proxmox server)
> tunnel reverse:
>> root at mipc:/home/user1# ssh -l 1234:127.0.0.1:8006
>> <http://127.0.0.1:8006> userxyz at 126.96.36.199
>> <mailto:userxyz at 188.8.131.52**>
>> Received disconnect from 184.108.40.206 <http://220.127.116.11>: 2: Too
>> many authentication failures for userxyz
> It seems like your fail2ban is still working. Check it's documentation for
> reference how to disable it, or at least clear your client host ban.
> Finally, try https://xxx.xxx.xxx.xxx:8006
>> <https://xxx.xxx.xxx.xxx:8006/**> in your browser, and tell specifically
>> what error (if any) do you get. An exact quotation is important.
> Are you using a proxy server? Try disabling proxy, at leas for HTTPS.
> Have you tried any other browser? Chrome's error messages seems to be not
> too descriptive.
> Are your hosts 18.104.22.168 and 22.214.171.124 on the same network? What
> about host "mipc"? Is it behind a NAT, or it uses 126.96.36.199 directly? I
> have seen the error you describe when more than one NAT in a row was used,
> which is a pretty wired setup.
> Alexandre Kouznetsov
> pve-user mailing list
> pve-user at pve.proxmox.com
Analista Programador Facultad de Odontología UC
User Linux 532223
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the pve-user