Saturday, March 24, 2007
ssh tunnelling fun
To access a service that only accepts requests at localhost:9090 at myserver, I can ssh tunnel from mypc to myserver:
More info on ssh tunnelling here.
Another example:
Say host-A can access host-B whereas mypc can only ssh to host-A but cannot access host-B. To access host-B from mypc:
ssh -L 9090:localhost:9090 -N myserverNow, access to localhost:9090 at mypc would be forwarded to localhost:9090 at myserver.
More info on ssh tunnelling here.
Another example:
Say host-A can access host-B whereas mypc can only ssh to host-A but cannot access host-B. To access host-B from mypc:
ssh -N -p 22 -c 3des userid@host-A -L 9090/host-B/9090Now, access to localhost:9090 at mypc would be forwarded to host-B:9090
jconsole ssh tunnelling
Now say one can normally jconsole via a service url like:jconsole service:jmx:rmi://myhost:6160/jndi/rmi://myhost:6110/serverBut if ports 6160 and 6110 are restricted, it would render jconsole almost useless. Here is how ssh tunnelling may come to rescue (if you are allowed to ssh to the host):
ssh -L 6160:localhost:6160 -N myhostOh, don't forget to start up the JVM with
ssh -L 6110:localhost:6110 -N myhost
jconsole service:jmx:rmi://localhost:6160/jndi/rmi://localhost:6110/server
-Djava.rmi.server.hostname=localhost
