jdaigle/shared shared

## gistfile1.md

      
    Raw
  

              gistfile1.md
            
          
    #Example 1: Local Forwarding
ssh -L *:8081:host:3389 root@gateway -N

This command will listen locally on port 8081 which will forward all connections to host:3389 from the gateway server. This basically lets us access a host or port that only "gateway" can access.
#Example 2: Remote Forwarding
ssh -R *:8081:host:3389 root@gateway -N

This command will listen remotely on port 8081 on the gateway server, which will forward all connections to host:3389 on the local server. This basically lets us remotely access a host or port that only the local server can access.
#Questions

Does this scale?
Can we automatically set up the tunnel/forwarding on startup? Maybe http://www.harding.motd.ca/autossh/
Can we monitor the forwarding?
Also checkout https://joeyh.name/code/pdmenu/


## shared shared
1. 'yum upgrade' -> to make sure default packages are up-to-date
2. 'yum install vim'
3. 'yum install curl'
4. 'yum install wget'
5. edit '/etc/sysconfig/clock' and append 'UTC=false'
6. 'yum install ntp'
7. 'ntpdate 0.us.pool.ntp.org'
8. 'service ntpd start'
9. 'chkconfig ntpd on'
10. Modify '/etc/hosts' -> add entries for hostname and FQDN (e.g. lb01 and lb01.cw.dell.internal)
11. 'iptables -F; service iptables save; service iptables restart' -> Flush iptables config
12. reboot server to make sure all changes are good-to-go
13. Modify /etc/ssh/sshd_config, enable "AllowTcpForwarding" and "GatewayPorts"

## ssh_config
HOST gateway
    HostName 10.0.1.91
    Port 8022
    User root
    ConnectionAttempts 10
    ServerAliveInterval 30
    StrictHostKeyChecking yes
    ExitOnForwardFailure yes
    RemoteForward *:50122 localhost:22
    RemoteForward *:50180 10.0.1.43:80
    RemoteForward *:50188 localhost:8080
    RemoteForward *:50143 localhost:8443
    LocalForward *:80 10.0.1.43:80
	1. 'yum upgrade' -> to make sure default packages are up-to-date
	2. 'yum install vim'
	3. 'yum install curl'
	4. 'yum install wget'
	5. edit '/etc/sysconfig/clock' and append 'UTC=false'
	6. 'yum install ntp'
	7. 'ntpdate 0.us.pool.ntp.org'
	8. 'service ntpd start'
	9. 'chkconfig ntpd on'
	10. Modify '/etc/hosts' -> add entries for hostname and FQDN (e.g. lb01 and lb01.cw.dell.internal)
	11. 'iptables -F; service iptables save; service iptables restart' -> Flush iptables config
	12. reboot server to make sure all changes are good-to-go
	13. Modify /etc/ssh/sshd_config, enable "AllowTcpForwarding" and "GatewayPorts"
	HOST gateway
	HostName 10.0.1.91
	Port 8022
	User root
	ConnectionAttempts 10
	ServerAliveInterval 30
	StrictHostKeyChecking yes
	ExitOnForwardFailure yes
	RemoteForward *:50122 localhost:22
	RemoteForward *:50180 10.0.1.43:80
	RemoteForward *:50188 localhost:8080
	RemoteForward *:50143 localhost:8443
	LocalForward *:80 10.0.1.43:80