SSH Dynamic Port Forwarding

Posted: 15 Mar 2013, 23:46
by danialbehzadi
Hi there,
I just installed csf and I use SSH dynamic port forwarding. I use obfuscated ssh (http://nihilex[dot]com/obfuscated-openssh) for a secret handshake, which is in "/opt/ob-openssh/sbin/sshd". I connect from my computer to my VPS (which csf is installed on) with:

$ ssh -D <local_port> -z -Z <obfuscate_key> -p <server_ssh_port> <server_ip>
to make a SOCKS connection on my computer at "localhost:<local_port>". But when I enable csf, no connection would be established. The browser gets stuck on the loading page and some timeouts are shown on the terminal. What should I do to enable dynamic port forwarding when csf is enabled?

I already added <server_ssh_port> to "TCP_IN" and "TCP_OUT" in "/etc/csf/csf.conf", but that did not help.

Here is part of the lfd log which seems relevant:

Mar 15 18:08:47 academy-vps lfd[11644]: *User Processing* PID:855 Kill:0 User:statd Time:255687 EXE:/sbin/rpc.statd CMD:/sbin/rpc.statd
Mar 15 18:11:34 academy-vps lfd[11857]: *User Processing* PID:10013 Kill:0 User:danialbehzadi Time:1848 EXE:/usr/bin/ssh-agent CMD:ssh-agent -s
Mar 15 18:13:34 academy-vps lfd[12186]: *Suspicious Process* PID:12040 PPID:11929 User:mysql Uptime:96 secs EXE:/usr/sbin/mysqld CMD:/usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/run/mysqld/mysqld.sock --port=3306
Mar 15 18:18:34 academy-vps lfd[12287]: *Suspicious Process* PID:12219 PPID:1500 User:nobody Uptime:78 secs EXE:/usr/sbin/vsftpd CMD:/usr/sbin/vsftpd
Mar 15 18:18:34 academy-vps lfd[12287]: *Suspicious Process* PID:12221 PPID:12219 User:danialbehzadi Uptime:77 secs EXE:/usr/sbin/vsftpd CMD:/usr/sbin/vsftpd
Mar 15 18:43:54 academy-vps lfd[12782]: *SSH login* from 85.133.198.167 into the danialbehzadi account using password authentication
Mar 15 18:45:34 academy-vps lfd[12831]: *Suspicious Process* PID:12746 PPID:12744 User:danialbehzadi Uptime:103 secs EXE:/opt/ob-openssh/sbin/sshd CMD:sshd: danialbehzadi@pts/0

Re: SSH Dynamic Port Forwarding

Posted: 16 Mar 2013, 00:41
by danialbehzadi
I made the csfpost file which contains:

iptables -P FORWARD ACCEPT
and it seems that the connection problem is solved, but there are still timeout warnings:
danialbehzadi@academy-vps:~$ channel 4: open failed: connect failed: Connection timed out
channel 6: open failed: connect failed: Connection timed out
channel 7: open failed: connect failed: Connection timed out
channel 8: open failed: connect failed: Connection timed out
channel 9: open failed: connect failed: Connection timed out
channel 10: open failed: connect failed: Connection timed out
channel 11: open failed: connect failed: Connection timed out
channel 12: open failed: connect failed: Connection timed out
channel 13: open failed: connect failed: Connection timed out
channel 14: open failed: connect failed: Connection timed out
channel 15: open failed: connect failed: Connection timed out
channel 16: open failed: connect failed: Connection timed out
channel 17: open failed: connect failed: Connection timed out
channel 18: open failed: connect failed: Connection timed out
channel 3: open failed: connect failed: Connection timed out
channel 4: open failed: connect failed: Connection timed out
channel 3: open failed: connect failed: Connection timed out
channel 4: open failed: connect failed: Connection timed out

Re: SSH Dynamic Port Forwarding

Posted: 19 Mar 2013, 02:00
by herostime
I have also suffered this question, and I do not know what's wrong, and finally, I asked my colleague to solve this problem.