2
So I am trying to do something that is relatively simply in theory but my use-case seems to be hard to find since most proxying I find on the internet is in regards to setting up a proxy for your browser via an SSH tunnel.
What I would like to do is setup a mapped drive on my Mac that points to a linux box that I have SSH access to. I've found some helpful resources online including this in which the author recommends something like:
sudo ifconfig lo0 127.0.0.2 alias up
sudo ssh -NL 127.0.0.2:139:localhost:139 \
-NL 127.0.0.2:445:localhost:445 \
user@ssh-host
From what I understand, that looks fine... However, my setup is only slightly more complicated. This assumes that you have direct SSH access to the box. My situation is such that I connect to my machine through another machine. So, my ~/.ssh/config looks like the following:
Host *.dev
User jmurray
IdentityFile ~/.ssh/my_dev_identity_file
ProxyCommand ssh -A proxy_box nc %h %p
So, when I ssh into jmurray.dev
(the taget linux box), I will be directed through the proxy_box
server. I should mention that this network configuration is outside of my control, so please don't suggest changes to the network configuration itself.
So, from the aforementioned tutorial, the first command works fine (of course) but the second command of:
sudo ssh -NL 127.0.0.2:139:localhost:139 \
-NL 127.0.0.2:445:localhost:445 \
jmurray@jmurray.dev
errors with:
sh: Could not resolve hostname jmurray.dev: nodename nor servname provided, or not known
So, I'm only assuming here that it is not reading my config file when I make this request. So, I decide that I'll feed it my configurations via the command line with the slightly modified version:
sudo ssh -NL 127.0.0.2:139:localhost:139 \
-NL 127.0.0.2:445:localhost:445 \
jmurray@jmurray.dev \
-o 'User jmurray' \
-o 'IdentityFile ~/.ssh/my_dev_identity_file' \
-o 'ProxyCommand ssh -A proxy_box nc %h %p'
but then I get a separate error of:
Permission denied (publickey,gssapi-with-mic).
ssh_exchange_identification: Connection closed by remote host
So... This is where I get stuck. I feel like this should be possible. If I can ssh into the box in once command from my local machine, then I feel like it should be possible to setup my tunnel in one command from my local machine. And since the proxy_box
is a shared machine, I'd really like to stay away from any solutions that require me to act as root on that box.
Thanks in advance for any help!! It's much appreciated!
I'm still wresting with the concept and syntax of port-forwarding in SSH. Can you give me an example in your answer? That would be fantastic! And I'll be glad to accept it as the answer to my question! – John – 2013-02-15T15:28:01.100