Ajouter un commentaire

Créer un tunnel SSH en mode service sur centos 7

Soumis par kacy le

Des fois on en a besoin, lorsqu'on a pas encore fait les ouvertures de flux qui vont bien. J'ai trouvé un p'tit tuto qui marche bien ici

Je claque le code ici histoire de pas le perdre :P

Create a template service file at `/etc/systemd/system/[email protected]`. The template parameter will correspond to the name of target host:

[Unit]
Description=Setup a secure tunnel to %I
After=network.target
 
[Service]
Environment="LOCAL_ADDR=localhost"
EnvironmentFile=/etc/default/[email protected]%i
ExecStart=/usr/bin/ssh -NT -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes -L ${LOCAL_ADDR}:${LOCAL_PORT}:localhost:${REMOTE_PORT} ${TARGET}
 
# Restart every >2 seconds to avoid StartLimitInterval failure
RestartSec=5
Restart=always
 
[Install]
WantedBy=multi-user.target

We need a configuration file (inside `/etc/default`) for each target host we will be creating tunnels for. For example, let's assume we want to tunnel to a host named `jupiter` (probably aliased in `/etc/hosts`). Create the file at `/etc/default/[email protected]`:

TARGET=jupiter
LOCAL_ADDR=0.0.0.0
LOCAL_PORT=20022
REMOTE_PORT=22

Note that for the above to work we need to have allready setup a password-less SSH login to target (e.g. by giving access to a non-protected private key).

Now we can start the service instance:

systemctl start secure-tunnel@jupiter.service
systemctl status secure-tunnel@jupiter.service

Or enable it, so it get's started at boot time:

systemctl enable secure-tunnel@jupiter.service

Pour forwarder un service d'une machine vers une autre il faut remplacer -L [...] par

[...] -R ${REMOTE_PORT}:localhost:${LOCAL_PORT} [...]

et ajouter

GatewayPorts yes

dans le /etc/ssh/sshd_config sur la machine distante pour autoriser SSH à pousser le port sur une autre interface que localhost

Du coup quand on fait un netstat ça marche :)

[root@myhost:~]# netstat -an |grep 8080
tcp        0      0 0.0.0.0:8080                0.0.0.0:*                   LISTEN
tcp        0      0 :::8080                     :::*                        LISTEN

Plus d'information sur les formats de texte

Filtered HTML

  • Flickr Filter options. expand / collapse
    Insert a Flickr photo. A working example:
    • [flickr-photo:id=7357144724, size=m, mintitle=999, minmetadata=999] (accepts only the parameters id, class, style, size, mintitle and minmetadata)
    To float single photos use [flickr-photo:id=9247386562, class="floatright"], [flickr-photo:id=9247388074, style="float:left;"] or use the AutoFloat module (recommended).

    Insert a Flickr album. Working examples:
    • [flickr-photoset:id=72157634563269642, size=s, num=8, tags=kids/men, media=all, sort=random, count=false, mintitle=999, minmetadata=999, heading=none]
    • [flickr-gallery:id=72157648989290536, size=q, num=4, sort=views]
    • [flickr-group:[email protected], size=q, num=8, tags=flowers, media=all, sort=random, count=false, mintitle=999, minmetadata=999, heading=none]
    • [flickr-user:id=lolandese1, size=q, num=6, tags=kids/men, media=all, sort=random, count=false, mintitle=999, minmetadata=999, heading=none]
    • [flickr-user:id=public, size=q, num=10,tags=Augusto Canario, filter=interesting, sort=views, extend=true]
    • [flickr-user:id=public, size=q, num=8,location=48.867556/2.364088, date=2015-01-11, filter=interesting, sort=views]
    • [flickr-favorites:id=lolandese, size=q, num=4, tags=tomosborn/people, media=all, sort=random, count=false, mintitle=999, minmetadata=999, heading=none]

    Common sizes:
    s : small square 75
    t : thumbnail, 100 on longest side
    q : big square 150     		m : small, 240 on longest side
    n : small, 320 on longest side
    - : medium, 500 on longest side     		x: Responsive slideshow (for group, set and user IDs only)
    y: Basic responsive slideshow (for set and user IDs only)
    The 'c' size (800px) is missing on Flickr images uploaded before March 1, 2012. Photos with non existing sizes will be skipped in albums.

    TIP: Not only the node body but also blocks make use of a text format. Build your own custom Flickr album block using the Flickr Filter syntax.

    PARAMETER EXAMPLES. Omitting a parameter will result in the default value to be used.
    id=lolandese1 : A photo, set, user or group ID. id=public grabs CC licensed public photos (only for [flickr-user:...]). Default: id=k4cy (set in config).
      Find a Flickr group ID. Valid ID values: numeric ID (the one that contains a '@'), path alias, Flickr username or the user's email.
    class="floatleft foo bar" : Syntax as in HTML. Wrap the value in quotes (or not) and put spaces between multiple classes.
      Applies to the outer HTML element of a photo or album.
    style="float:left; border:solid 2px;" : Syntax as in HTML. Wrap the value in quotes (or not) and put semicolons between different style declarations.
      Applies to the outer HTML element of a photo or album.
    size=q : Big square (150px). The sizes x and y display a slideshow and ignore number, media, tags, location and sort settings.
      Default single photo: size=m, album photo: size=s (both set in config).
    num=4 : Display 4 photos. Default: num=30 (set in config). For albums only.
      If set to 1, the single image will behave as such. Heading and counter will be omitted, and float might apply.
      Used to display a single changing random or recent image.
    media=all : Display both photos and videos. Default: media=photos. For albums only.
    tags=kids/men : Separate multiple tags with a slash (/). Display all set, group or user photos that contain the indicated tags.
      Case insensitive, matches any tag, for photosets and galleries even partial. You can exclude results that match a term by prepending it with a - character.
      Public albums will only display photos that match all tags. Like on Flickr spaces are removed from tags (e.g. 'Victoria park' becomes 'victoriapark').
      For albums only.
    extend=true : Extend the tag filter to search for matching terms also in the Flickr photo title and description besides Flickr tags.
      Default: extend=true (set in config). For albums only.
    tag_mode=all : Matches 'all' defined tags (AND). The other possible value is 'any' (OR).
      If this parameter is omitted, 'all' is used if no Flickr user ID is known (public search), otherwise 'any' is used. For albums only.
    location=48.85837/2.294481/0.2 : Display photos within 200 mt from the Eiffel Tower. Lat/lon/radius (in km). Separate values with a slash (/).
      To get the coordinates for a location, right-click on a Google map and choose 'What's here?' or copy/paste it from the URL.
      Substitute the comma (,) with a slash (/). Optionally add a radius to force a major number of results to filter on (max. 32 km).
      If the radius is omitted it defaults to 14 meter and gradually expands to 32 km until a sufficient number of results are returned.
      Besides decimal coordinates also degrees are accepted, e.g. 2° 21' 50.72". For user and group albums only, also public.
    date=2015-01-11 : Display photos taken on 11 January 2015.
      Many accepted date formats (e.g. '11 Jan 2015'), also relative formats (e.g. 'first day of last month | last day of last month').
      Separate two date values with a vertical bar (|) to cover a timespan of multiple days. For user and group albums only, also public.
      Tip: Use a date in combination with a location to grab public photos of an event.
    heading=h3 : Wraps the album title in HTML tags. Use 'p' to apply no style or 'none' to suppress the title. Default heading=p (set in config). For albums only.
    sort=views : Display the most viewed Flickr photos first (popularity, slower response after cache clear).
      Other values: unsorted = recent as delivered by the Flickr API (fastest response),
      random (slower response after cache clear), taken (newest first), posted (newest first) , added (for groups only, newest first) and id (on photo ID, newest first).
      Default: sort=unsorted. For albums only.
    filter=interesting : Display the most interesting photos. Other possible value: relevant. For user and group albums only, also public.
    count=false : Suppress display of the counter under the album (e.g. 5 out of 124 on Flickr). Default: count=true (set in config). For albums only.
    mintitle=999 : Suppress display of the title in the photo captions for images below a width of 999 px. Default: mintitle=100 (set in config).
    minmetadata=999 : Suppress display of the metadata in the photo captions for images below a width of 999 px. Default: minmetadata=150 (set in config).
  • Tags HTML autorisés : <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <p> <code> <bash> <java> <apache>
  • Les lignes et les paragraphes vont à la ligne automatiquement.
  • Vous pouvez activer la coloration syntaxique du code source à l'aide des balises suivantes: <code>, <blockcode>, <apache>, <bash>, <html>, <ini>, <java>, <php>, <properties>, <sql>. The supported tag styles are: <foo>, [foo].
  • Les adresses de pages web et de courriels sont transformées en liens automatiquement.

Plain text

  • Aucune balise HTML autorisée.
  • Les adresses de pages web et de courriels sont transformées en liens automatiquement.
  • Les lignes et les paragraphes vont à la ligne automatiquement.
CAPTCHA
Cette question permet de s'assurer que vous êtes un utilisateur humain et non un logiciel automatisé de relou.
17 + 1 =
Trouvez la solution de ce problème mathématique simple et saisissez le résultat. Par exemple, pour 1 + 3, saisissez 4.