Now wget will work and so will sudo apt-get so you can install packages. make sure your wifi router is not using the same .y range (configure a different "x" in this case) ssh -R 8080:localhost:8080 the PI export http_proxy= with visudo add the text: Defaults env_keep = "http_proxy https_proxy ftp_proxy" configure a static ip on your wifi and remove the gateway address (unless you are doing advanced things) else you get two default routes and its very annoying. The default settings seemed good enough for me. (not just generic squid, I had too much trouble with building it) I used this for using my laptops 4g dongle to route internet to a raspberry pi with a fixed line connection to a wifi router. But here are the more detailed steps I used. Here we can initiate an ssh tunnel in one direction, then use that tunnel to create an ssh tunnel back the other way. Traffic flow diagram 's answer was good enough for me to get it all down. This will allow Host B to access the internet through Host A. Ssh -R 3129:localhost:3128 you want to make persistent SSH tunnel, you can use autossh as follows:Īutossh -M 20000 -f -NT -R 3129:localhost:3128 above autossh command to work, you should be having SSH Keys setup from HostA to HostB Run the following SSH command from Host A Make sure the server is started on Host A (e.g. Add the following entries to /etc/environmentĬreating SSH tunnel with Remote port forwarding.If Host A itself uses some proxy say 10.140.78.130:8080 to connect to internet then also add that proxy to /etc/squid/nf as follows:.Comment the http_access deny all then add http_access allow all in /etc/squid/nf.You are likely to be getting authentication errors.Just adding some more and clear steps to and answers. It is likely that the service ssh command is being run as root and looking for the keys in the /etc/ssh/ dir. Try specifying a username or/and the path to the keys in the ssh command. Main PID: 10744 (code=exited, status=255)Īpr 01 14:51:07 pfmw-traveller1 systemd: Unit entered failed state.Īpr 01 14:51:07 pfmw-traveller1 systemd: Failed with result 'exit-code'.ĭoes someone can help me to figure out what this status 255 means? Thanks. Process: 10744 ExecStart=/usr/bin/ssh -F /etc/default/nfig -NT ackt0 (code=exited, status=255) Loaded: loaded (/etc/systemd/system/ disabled vendor preset: enabled)Īctive: activating (auto-restart) (Result: exit-code) since Wed 14:51:07 UTC 1s ago But when i try to start it from systemctl (on a Debian 9 system), i receive a failed response as follow: Hi, i am using the version that uses the /etc/default/nfig file and able to get connection when i run the command from shell. The TCP protocol should flag a sent packet missing an ACK but I have experienced problems with blocked SSH links. This will ensure that both ends have killed their ssh connections before trying to re-open them. In that 10s period, AA would try to open a new connection that would fail because it is blocked by BB. I think 'RestartSec' should be long enough that both ends know their connection is broken.Įnd AA sends a packet that is received by BB but the connection is blocked before a reply is received by AA.ĪA detects a failed linkand will close the connection in 30sec.īB received the packet from AA and thinks the connection is still open.Īfter 10sec, BB sends a packet, with no reply.īB now detects a failed link and will close the connection in 30sec. The effect is that the failed end (AA) tries to open a new connection, which is blocked by the half dead connection at the other end (BB). To prevent the possibility of trying to open a failed SSH connection at one end (AA), while the other end (BB) still thinks the connection is alive. Needs to be greater than ServerAliveInterval or and ClientAliveInterval, especially for tunnels. Now we can start the service instance: systemctl start status enable it, so it get's started at boot time: systemctl enable think by giving access to a non-protected private key). Note that for the above to work we need to have allready setup a password-less SSH login to target (e.g. For example, let's assume we want to tunnel to a host named jupiter (probably aliased in /etc/hosts). We need a configuration file (inside /etc/default) for each target host we will be creating tunnels for. # Restart every >2 seconds to avoid StartLimitInterval failure RestartSec=5 Environment= "LOCAL_ADDR=localhost " -NT -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes -L $
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |