2020-04-16 Notes on setting up a reverse ssh tunnel. Starting with understanding how it is done on Dazzle via PiTun. system_defaults.py defines ports from 028 .. 214 sshports['xxx']['kahe'] = 136 # Kahe, in-office test machine monitor_base = 10100 tunnel_base = 20100 pi_server='128.171.154.46' #ulili.soest.hawaii.edu It is safe to set up a tunnel port in the 400-600 range. #### check_tunnel.bash MONITOR_PORT="10400" DEFAULT_PORT="20400" PORTAL="128.171.154.46" COMMAND="autossh -M$MONITOR_PORT -f -N -o \"StrictHostKeyChecking=no\" -o \"ServerAliveInterval 60\" -o \"ServerAliveCountMax 3\" -R $PORT_VALUE:localhost:22 autossh@$PORTAL" #### end check_tunnel.bash Let's try to set this up on Morgana: See /home/toby/bin/tunnel_dazzle then, from elsewhere, ssh -p 20400 toby@128.171.154.46 next, screenshare ssh -p 20400 -L 5901:localhost:5900 toby@128.171.154.46 # It looks like screen sharing is not enabled on Morgana. rigel02:PY3(~)$ ps aux | grep vino adcp 1169 0.5 0.5 672512 41512 ? SLl Apr02 123:35 /usr/lib/vino/vino-server # It looks like we need to have vino running toby@morgana:~$ su - root@morgana:~# apt-get update root@morgana:~# apt-get install vino Setting up vino (3.22.0-1) ... Processing triggers for desktop-file-utils (0.23-1) ... Processing triggers for libglib2.0-0:i386 (2.50.3-2+deb9u2) ... root@morgana:~# ps aux | grep vino # nothing # Restart toby@morgana:~# ps aux | grep vino # nothing toby@morgana:~$ sudo /usr/lib/vino/vino-server [sudo] password for toby: 16/04/2020 11:10:07 PM Autoprobing TCP port in (all) network interface 16/04/2020 11:10:07 PM Listening IPv6://[::]:5900 16/04/2020 11:10:07 PM Listening IPv4://0.0.0.0:5900 16/04/2020 11:10:07 PM Autoprobing selected port 5900 16/04/2020 11:10:07 PM Advertising security type: 'TLS' (18) 16/04/2020 11:10:07 PM Re-binding socket to listen for VNC connections on TCP port 5900 in (all) interface 16/04/2020 11:10:07 PM Listening IPv6://[::]:5900 16/04/2020 11:10:07 PM Listening IPv4://0.0.0.0:5900 16/04/2020 11:10:07 PM Clearing securityTypes 16/04/2020 11:10:07 PM Advertising security type: 'TLS' (18) 16/04/2020 11:10:07 PM Clearing securityTypes 16/04/2020 11:10:07 PM Advertising security type: 'TLS' (18) 16/04/2020 11:10:07 PM Advertising authentication type: 'No Authentication' (1) 16/04/2020 11:10:08 PM Re-binding socket to listen for VNC connections on TCP port 5900 in (all) interface 16/04/2020 11:10:08 PM Listening IPv6://[::]:5900 16/04/2020 11:10:08 PM Listening IPv4://0.0.0.0:5900 toby@morgana:~$ ps aux | grep vino root 1201 0.4 0.1 6728 3916 pts/0 S+ 23:09 0:00 sudo /usr/lib/vino/vino-server root 1202 5.8 1.1 78144 23704 pts/0 Sl+ 23:10 0:01 /usr/lib/vino/vino-server toby@morgana:~$ /home/toby/bin/tunnel_dazzle ssh -R 20400:localhost:22 dummy@128.171.154.46 dummy@128.171.154.46's password: dazzle8:(~)$ netstat -lunt | grep 20400 tcp 0 0 0.0.0.0:20400 0.0.0.0:* LISTEN mulili:~ toby999$ ssh -p 20400 -L 5901:localhost:5900 toby@128.171.154.46 toby@128.171.154.46's password: On Mulili browse to: vnc://localhost:5901 Connection failed to "localhost". The software on the remote computer appears to be incompatible with this version of Screen Sharing. On Morgana: 16/04/2020 11:22:05 PM [IPv6] Got connection from client localhost 16/04/2020 11:22:05 PM other clients: 16/04/2020 11:22:05 PM Client Protocol Version 3.3 16/04/2020 11:22:05 PM rfbClientConnFailed("No security type suitable for RFB 3.3 supported") 16/04/2020 11:22:05 PM Client localhost gone 16/04/2020 11:22:05 PM Statistics: 16/04/2020 11:22:05 PM framebuffer updates 0, rectangles 0, bytes 0