thomas graichen <[EMAIL PROTECTED]> wrote:
> Martin Pool <[EMAIL PROTECTED]> wrote:
> > On 31 May 2001, thomas graichen <[EMAIL PROTECTED]> wrote:
> >> did anyone here get rsync tunneled through ssh working so far?
Never needed to send that through ssh. I forward smtp and nntp and
pop all the time through ssh...
> >> just to make clear what i mean: i only have an ssh connection
> >> to a host b (say mine is host a) and want to rsync stuff from
> >> host c this way (because i can't do it directly due to fire-
> >> wall limitations)
>
> > There probably is a solution to forwarding ports this way, but why
> > not just use plain ssh connections? (OK, I can imagine a couple of
> > cases, where perhaps you want many machines on the originating end
> > to share the tunnel. But that won't be allowed using the
> > ssh syntax you showed.)
Hmm. What's wrong with his syntax? (Assuming 'Martin' is a he, sorry
if I'm wrong!) I use 'ssh2 [EMAIL PROTECTED] -L 119:news.there.com:119' to
forward nntp all the time and it works fine - what do you know that
I don't? (Ok, yes, I DO run that command as root ;-)
> because i want to connect to a public rsync server on the other
> end which does not allow me to ssh to it usually ... for
> instance for getting rsync via rsync :-)
>
> ... or maybe i am getting something wrong here - then please
> tell me
>
> >> host-a> ssh -L873:host-c:873 host-b
> >> host-b>
> >>
> >> then also on host a
> >>
> >> host-a> rsync -av localhost::something .
> >>
> >> always only results in
> >>
> >> @ERROR: protocol startup error
> >>
> >> which (as far as i can see) comes from the other end server's
> >> clientserver.c because he can't see me - but why? - i tried it
> >> several times with different machines - i even get the motd of
> >> the server if it has one before the above error - so the
> >> connection and the forwarding seems to work ... i use rsync
> >> 2.4.6 and openssh 2.5.2 ... any ideas anyone? did anyone get
> >> something like this working? (and just to make it clear again:
> >> this has nothing to do with the "-e ssh" option - just to
> >> avoid confusion - i am talking about tunneling the 873 rsync
> >> port through ssh)
>
> > That should work.
>
> > Perhaps rsync at the other end is very old?
Or rsync some how needs a connection back, like ftp does?
Wait! Martin just posted to the list again and said that
other ports don't forward also. Could it be that the machine
you are ssh'ing to does not allow port forwarding???
> ....
> > What happens if you use ssh -v? Do you see messages about
> > connections being forwarded?
>
> yes - portforwarding works (as said: you even get the motd
> from the server if it has one and the @ERROR message is also
> generated from the server side!)
Hmm. I'm not certain yet that I've seen a difinitive (sp?)
yes or no about port forwarding working fully. It LOOKS
like it works, but:
Just for grins and giggles, try this:
ssh whoever@wherever -L 1234:there.wherever:23
Then, from the machine you ran that ssh command on,
try 'telnet localhost 1234' and you should get a telnet
login prompt from 'there.wherever' - this will verify that
port forwarding indeed works. (I just tried that command with
port 22 and it definately is the right syntax for port forwarding ;-)
Make sure you use the machines you plan to do the actual
rsync from first, and if those fail try other combinations
(especially using machines you control, so you can have
a better chance of seeing debugging output ;-)
If they've got this:
# Be paranoid by default
Host *
ForwardAgent no
ForwardX11 no
set in their ssh config or someting similar in their sshd.config
then you may have to come up with a workaround.... I've wondered
about using a local (personal) sshd running on non-priv port that
has been enabled to do forwarding - but fortunately all my servers
I use allow forwarding.
Beyond that I'm stuck (clue challenged! :-)
> any other ideas? - again - thanks in advance
I don't suppose you (Martin) could set it up locally and see what happens
on the server side logs? If I had any time I'd try it here for you,
but I'd probably break our current rsync job ;-)
rc
Rusty Carruth Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621 SnailMail: Schlumberger ATE
FAX: (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N 111 53' 47"W
