Monday, November 3, 2014

Unleash the power of SSH tunneling!

This time I will describe something practical. Nothing really exciting or new, but I always forget this syntax and it's boring to read the SSH manual over and over again... So let this be my memo - if it is also useful for you - great!

Imagine you have a server without internet connectivity at all. But you can - of course - connect there via SSH. And you need to download something from the internet on the server itself. Badly.


That's easy! - you say. You can download it to your host then scp to the server. Done! 

Yup, you're totally right. Imagine, however, that you have to install a Perl module with tons of dependencies. Downloading all of them one by one, then compiling by hand just to discover that there is yet another dependency... nightmare. But here comes the solution! SSH tunneling!

Step #1

Go to ftp://ftp.perl.org/pub/CPAN/MIRRORED.BY and select your favorite CPAN mirror. For the purposes of this tutorial I'll use the first one listed - http://mirror.23media.de/cpan/

Step #2

Connect to the server and tell SSH to create a tunnel that starts at the remote end of the SSH connection (-R) on port 65432 and ends at the selected CPAN mirror (mirror.23media.de:80). (This example uses OpenSSH, but you can do the same with PuTTY or any other SSH client if you want.)

ssh username@remote.server -R 65432:mirror.23media.de:80

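This command establishes an SSH connection to remote.server and creates a tunnel that listens on that host (127.0.0.1:65432) and ends at mirror.23media.de:80; the traffic travels back over the SSH connection and leaves for the mirror from your own machine. You can test it if you want by typing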

telnet 127.0.0.1 65432

right after you have authenticated to the remote server. If the connection succeeds, you know that you are good to go (you can always speak HTTP by hand and send a GET request to do further testing).

Step #3

Launch CPAN. If it is already configured, pick your favorite editor and edit your ~/.cpan/CPAN/MyConfig.pm file. Find urllist and change it to:

'urllist' => [ q[http://127.0.0.1:65432/cpan/]],

(If you haven't configured CPAN before, don't panic - run cpan normally and accept the default for most of the questions except the first one, and at the very end don't agree to automatic probing; just provide the mirror path as above.)

There you go! Now you can launch CPAN

$ perl -MCPAN -e shell

and you can enjoy automatic installation of all required perl modules.

cpan> install Net::SSH::Perl

This method, however, can lead to issues when, during the installation process, CPAN wants to download something from a URL other than the expected one. But now you know how to overcome that issue, don't you?

Ahh, almost forgot. What about unleashing the full power of SSH tunneling? This example was good for babies. Imagine you need to jump through another 2 servers. Yes, you can join multiple tunnels together. All in a single command! The important thing is that the respective sockets must match. This is a little bit tricky at the beginning, but once you get up to speed...

ssh username@remote.server1 -R1025:google.com:80 ssh username@remote.server2 -R1026:127.0.0.1:1025 ssh username@remote.server3 -R1027:127.0.0.1:1026

telnet 127.0.0.1 1027 ... :-)
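
The chain above generalized to any number of hops, as an added example that is not part of the original post: build_chain is a hypothetical helper (not an OpenSSH feature) that numbers the listening ports consecutively so each tunnel ends at the previous hop's listener, and only prints the resulting command.

```sh
#!/bin/sh
# Added example: build_chain is a hypothetical helper, not part of OpenSSH.
# It only prints the command; review it, then paste it into your shell.
# usage: build_chain TARGET_HOST TARGET_PORT FIRST_LISTEN_PORT HOP [HOP...]
build_chain() (
    [ "$#" -ge 4 ] || { echo "usage: build_chain host port first_port hop..." >&2; exit 2; }
    target_host=$1 target_port=$2 listen=$3
    shift 3

    # Ports must be plain decimal numbers of at most five digits
    # (no leading zero, so $((...)) never reads them as octal).
    for p in "$target_port" "$listen"; do
        case "$p" in
            ''|0*|*[!0-9]*|??????*) echo "bad port: $p" >&2; exit 2 ;;
        esac
    done
    # sshd lets only root bind ports below 1024; the chain uses one port per hop.
    last=$((listen + $# - 1))
    if [ "$target_port" -gt 65535 ] || [ "$listen" -lt 1024 ] || [ "$last" -gt 65535 ]; then
        echo "port out of range" >&2; exit 2
    fi

    # Names are limited to a safe character set and may not start with '-',
    # so a hop can never be parsed by ssh as an option.
    for name in "$target_host" "$@"; do
        case "$name" in
            ''|-*|*[!A-Za-z0-9@._-]*) echo "bad host: $name" >&2; exit 2 ;;
        esac
    done

    dest="$target_host:$target_port"   # where the first tunnel ends
    cmd=
    for hop in "$@"; do
        cmd="${cmd:+$cmd }ssh $hop -R$listen:$dest"
        dest="127.0.0.1:$listen"       # the next tunnel ends at this hop's listener
        listen=$((listen + 1))
    done
    printf '%s\n' "$cmd"
)
```

Called as `build_chain google.com 80 1025 username@remote.server1 username@remote.server2 username@remote.server3`, it prints the three-hop command shown above; the port to test on the last hop is the first listening port plus the number of hops minus one.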

And oh, by the way. Net::SSH::Perl has about 35 dependencies...

$ ls -la ~/.cpan/build | wc -l
35

Know a better way? Share!
