There is a Rapla event planner running at my work. It is set to be accessible only from computers in our office, though (IP check?). I needed to have an access also from my home, but the administrator won't reconfigure Rapla. However, I have an sftp account at the server (which is the same as the one where Rapla is running - same IP addressess; this server is accessible from Internet at browser's port 80, since we have our homepage running there).
I figured out, that I can upload Glype proxy script to my acoount and run it like this from any IP address: www.mycompany-domain.com/myfolder/glype/index.php. It really works and redirects me to a lot of websites, while showing my company server's IP. However, when I try to connect to a 8051 port (Rapla's port) through Glype, I get the cURL error:
The requested resource could not be loaded. libcurl returned the
error: Failed to connect to /here goes the IP/: Permission denied
Later on, I found a script called Glypeahead, which, according to the author, should fix this issue. I wasn't able to find any info how to use it and being myself just an amateur programmer, I am stuck at this moment.
So, my question is the following: how can I connect, using Glype, to Rapla's port 8051? I am open to any non-Glype solution too :-).
Related
How do I start a PHP public server using Command Prompt (I'm using windows).
If I use PHP -S localhost:<port> it runs the server on my own localhost but no one outside my connection can access it, but I want my friend in the US to access it.How do I do that using Command Prompt
I have not yet tried anything yet
You can try use localhost tunneling with ngrok.io or pagekite
You need to modify your router's configuration, ie.:
link internal IP (e.g. 192.168.0.XXX) and port (e.g. 80) to your external/public IP. BTW, better to use non-standard HTTP port on the outside due to security issues. You can find these settings when login to router and go to Settings->NAT Forwarding / Virtual servers.
Your friend can then access http://<YOUR_PUBLIC_IP>:<YOUR_PUBLIC_PORT> from his/her browser. If you are concerned with dynamic IP, you should register with Dynamic DNS Provider (DDNS) for example: https://www.dynu.com/
When I ssh into my server, I issue the following command:
ssh <username>#<ip-of-server>
Then, when I get in, I see the following as my prompt:
<username>#ip-<different-ip-address>:
When I try echo $PS1 in the server, then I see the following:
\[\e]0;\u#\h: \w\a\]${debian_chroot:+($debian_chroot)}\u#\h:\w\$, which tells me that the host must be different. Why are these not the same: ip and host?
The reason I ask is because, I can access the just fine by ssh-ing, but I cannot ping it:
ping <ip-of-server> ... results in 100% losses.
So, I thought maybe I should ping the other ip, however:
ping ip-<different-ip-address> ... also results in 100% losses.
How is it possible to not be able to ping, yet I can still log in?
Private IP is internal to AWS which is 10.x.x.x
You can also check that by invoking
curl http://169.254.169.254/latest/meta-data/local-ipv4
within your instance which gets that info from the metadata server.
Public IP (if assigned) is the external IP. You can get the same from metadata server. Try:
curl http://169.254.169.254/latest/meta-data/
If your shell prompt is an issue, you can set the prompt after querying the public IP.
ip-of-server is probably the public ip of the server. different-ip-address is probably the private ip of the server.
pings will not go through from the outside unless you enable ICMP traffic through the Security group the you've set for your instance.
It's possible to log in because the port used for SSH is open (TCP 22) in the Security group, while ICMP is not open (ICMP).
We send some files across to a third party with a PHP cron job via FTP.
However sometimes we get the following error:
ErrorException [ 2 ]: ftp_put(): php_connect_nonb() failed: Operation
now in progress (115) ~ MODPATH/fileop/classes/Drivers/Fileop/Ftp.php [ 37 ]
When I say "sometimes" I mean exactly that; most times it goes across fine but about 1 in 5 times we get that error. It's not to do with the files themselves, because they will go happily if we try again.
We've found similar issues online - relating to a bug in PHP with NAT devices or to do with firewall configuration but again the implication is that if this were the case it would never work.
So, why would this work some times and not others?
ftp_set_option($ftpconn, FTP_USEPASVADDRESS, false);
This line of code before setting passivity of the connection ftp_pasv($ftpconn, true);
Solved my problem
FTP(S) uses random ports to set up data connections; an intermittent success rate indicates that not all ports are allowed by a firewall on the client and/or server machines. The port range for incoming (PASV) data connections can be set in the FTP server.
This page has a nice summary:
The easy way is to simply allow FTP servers and clients unlimited
access through your firewall, but if you like to limit their access to
"known" ports, you have to understand the 4 different scenarios.
1) The FTP server should be allowed to accept TCP connections to port
21, and to make TCP connections from port 20 to any (remote ephemeral)
port.
2) The FTP server should be allowed to accept TCP connections to port
21, AND to accept TCP connections to any ephemeral port as well!
3) The FTP client should be allowed to make TCP connections to port
21, and to accept TCP connections from port 20 to any ephemeral port.
4) The FTP client should be allowed to make TCP connections to port
21, and to make TCP connections to any other (remote ephemeral) port
as well!
So, I'm writing this answer after doing some investigation on my FTP server and reading the link you provided elitehosts.com.
I'm using FileZilla FTP server, and there is a specific setting that I had to enter to make it work. Going into the server settings, there is an area titled "Passive mode settings". In that dialog, there is an area titled "IPv4 specific", and within that area there is a setting labeled "External Server IP Address for passive mode transfers:". It's a radio button selection set, and it was on "Default", but since the FTP server is NAT'ed, I changed that radio selection from "Default" to "Use the following IP:" and entered in the external-facing IP address of my gateway provided by my ISP.
After I set this up, it worked! Not terribly sure if your FTP server is NAT'ed, but I thought I would provide the answer on this thread because it seems related.
In addition to Cees answer, I am running vsftp on ec2 and had to comment out the listen_ipv6=YES, listen=YES then "service vsftpd restart".
Although documentation says it will listen on ipv4 as well it wasn't and this resolved the issue.
For me all I had to do was to remove the ftp_pasv( $ftpconn, true ); and everything worked perfectly. I'm not yet sure why but I am trying to find out and I will surely come back when I do get the reason behind it.
This should be a comment under jj_dev2 comment, but I cannot add one due to reputation. But maybe it will be helpful for someone, so I post it here.
We had the same issue as described in the original post. In our case it worked with many customers - except one.
The solution in jj_dev2 comment did work for us. So we investigated what does ftp_set_option($conn, FTP_USEPASVADDRESS, false) actually do. And based on that we found out that in fact customer's FTPS server was configured incorrectly.
In response to PASV command (ftp_pasv($conn, true)) FTP server returns an IP address which the PHP FTP client then will use for data transfers. In our case the FTP server was returning an internal IP address and not the public IP address that we connect to. Customer had to fix their FTP server settings so FTP server would send external IP address in the PASV command response.
I am moving my files from one server to another. Our new hosting company has given us provisional IPs for each domain/sub-domain (which I have modified my hosts file with + dumped dns). Additionally, they have provided username/passwords for these "fake" IPs for ftp/ssh. Although, when I try to connect to these servers, via IP, I get connection errors, ranging from "host not found" to "username/password incorrect". I have tried though WinSCP, FileZilla, and Dreamweaver. Is there something that I am missing? I'm to 'thick' to ask my hosting company (call it ego) what's wrong.
Question: If I'm given a provisional IP/username/password for a domain, is there some other requirement in order to connect to a domain in order to modify files?
Well.. heres your options.
Firewalls in your company/house are blocking sftp (port 22)
They meant FTP not sftp
can you ping the IP (dependant on firewall too)
For the times you've had username/password rejections what were you using, as that at least made contact, or the error was misleading..
Answer: The company provisioning my IPs did not add my IP to their firewall, so I wasn't allowed access.
I'm developing website for my school. In that school we authenticate users via LDAP, so there was an idea to do the same via school-site. On that site everything is working perfectly, but during developing I need very often to test if such solution works, of not. In order not to commit my changes so often I want to test this site on my local computer, but for connecting with LDAP i want to use ssh tunnel. In school network we have one server through witch we are connecting with inside of our school network. It's address is phoenix.lo5.bielsko.pl. Inside this network we have LDAP server with opened 389 and 636 ports. It's address is auth.lo5. I don't have access to auth.lo5 via SSH, I can only connect with it to get some LDAP entries. So, I've tried to run SSH tunnel by running:
ssh -L 636:auth.lo5:636 hfaua#phoenix.lo5.bielsko.pl
Then, I've set in my /etc/hosts that auth.lo5 is pointing to 127.0.0.1. I'm connecting to LDAP in PHP in such a way:
ldap_connect('ldaps://auth.lo5', 636);
But I'm getting error Can't contact LDAP server. I think, that problem might be on phoenix.lo5.bielsko.pl in its SSH daemon config or in arguments passed to ldap_connect() function. Can you tell me, what should I set in sshd_config or in arguments passed to ldap_connect to get it working?
I posted the same question in similar thread, but no one has answered my question.
P.S. In my /etc/ssh/sshd_config I have line AllowTcpForwarding yes
If I got it right phoenix.lo5 and auth.lo5 are 2 different machines.
If so you have to create a tunnel to the ssh machine, and then send the ldap queries to the right machine.
Your command: ssh -L 636:auth.lo5:636 hfaua#phoenix.lo5.bielsko.pl is right if phoenix.lo5.bielsko.pl can resolve auth.lo5 via DNS or /etc/hosts, if not you need to use its internal ip address.
Also if you want to use port 636 on your pc, you need to run your command as superuser (root or with sudo) else you need to use an high port (above 1024) as stated by Borealid
Once the tunnel is up you have to point to localhost to do the queries
I ran into this same issue. Running with -d1 showed me this error:
TLS: hostname (mylaptop.local) does not match common name in certificate (*.mydomain.com).
TLS reverse lookup of 'localhost' is 'mylaptop.local', checking if that matches the certificate common name
Could be you're hitting a similar problem.
I was able to fake it out by running:
sudo hostname someserver.mydomain.com
which caused SSL to assume it was talking to the right host.
I was also getting the error hostname (mylaptop.local) does not match common name in certificate (*.mydomain.com). However I did not want to edit the hostname of my machine to match that of the LDAP server. Instead I edited the hosts file (etc/hosts on linux) file to add a line that would intercept requests to the LDAP server eg:
127.0.0.1 ldap.server.com
This has the added benefit of not requiring you to change which server name you are trying to connect to in your code, you only need to change the port number if you chose a different port.
Try replacing all instances of auth.lo5 with localhost:
ssh -L 636:localhost:636 hfaua#phoenix.lo5.bielsko.pl
and
ldap_connect('ldaps://localhost', 636);
If that doesn't work, try turning off SSL to see if that works:
ssh -L 389:localhost:389 hfaua#phoenix.lo5.bielsko.pl
and
ldap_connect('localhost', 389);