I reply to all queries on the forums and via email, once per day, Monday to Friday (not weekends).

If you are new here, please see some information on how to ask for support. Thank you!

SSH Tunneling

dashed-slug.net Forums General discussion SSH Tunneling

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #2697
    Anonymous
    Inactive

    Hi Alex,

    Of course this is out of scope, still thought to mention and check with you. Followed article at https://www.digitalocean.com/community/tutorials/how-to-encrypt-traffic-to-redis-with-stunnel-on-ubuntu-16-04 and could communicate between servers on SSH tunnel. Daemon also starts and run perfectly after enabling SSL but could not communicate through plugin. I am sure, i must be missing something… Any clue?

    Thanks

    #2702
    Anonymous
    Inactive

    Does this work if i don’t use stunnel service? Remote port forward? was checking on following https://blog.trackets.com/2014/05/17/ssh-tunnel-local-and-remote-port-forwarding-explained-with-examples.html

    #2703
    Anonymous
    Inactive

    Alex,

    Successfully connected thru SSH Tunnel port forwarding to plugin site. Worked perfectly, now plugin uses 127.0.0.1 to connect daemon running on remote server.

    #2707
    Anonymous
    Inactive

    So here we go.. first time i got introduced to SSH Tunnel. Connected successfully.
    following is the command ssh -R server2:port:localhost:port root@server2
    The challenge is how to keep tunnel alive.

    #2708
    alexg
    Keymaster

    Hi, good to hear you got it working.

    I intend to add instructions in the documentation at some point, so thank you for sharing the command.

    As for keeping the tunnel alive, it seems the best practice is to use autossh:

    https://superuser.com/a/37768/220597

    #2712
    Anonymous
    Inactive

    Alex,

    There is more to it … earlier mentioned command terminates after a while, and it’s not possible to monitor it all the time until a service is created to take care of it. So following is what is needed to be done

    https://gist.github.com/sanludhi/c2477758d37ff1557d0819f88492a7ca

    When port is forwarded to the plugin, IP for the daemon would be 127.0.0.1 and no need to mention rpcallowip=x.x.x.x. in the coin.conf.

    NOTE: Need not to install Stunnel service

    Thanks

    #2714
    Anonymous
    Inactive

    I mean no need to mention rpcallowip=externalip

    #2716
    Anonymous
    Inactive
    #2719
    alexg
    Keymaster

    Thank you very much for sharing all of this info. Setting up a service is the best option as you said.

    Once I try this out myself I will add to the documentation.

    It makes sense that when you set up a tunnel you need to connect to localhost instead of the remote IP.

    best regards

Viewing 9 posts - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.