Port Forwarding and Exposing Strict Protocol



Expose the port: open PowerShell as administrator and add an inbound firewall rule for TCP 50000.

$ New-NetFirewallRule -Name db2port50000 -DisplayName 'db2port50000' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 50000


First, check the existing port-proxy list; open cmd as administrator.

$ netsh interface portproxy show all


If a proxy is already listening on that port, delete it before adding the forward again.

$ netsh interface portproxy delete v4tov4 listenport=50000 listenaddress=0.0.0.0


Re-add the port forward (listen on all interfaces on 50000, forward to 127.0.0.1:50000).

$ netsh interface portproxy add v4tov4 listenport=50000 listenaddress=0.0.0.0 connectport=50000 connectaddress=127.0.0.1

-----     -----     -----     -----     -----     -----     -----     -----     -----     -----

Special case-1 :

I have a virtual machine in the cloud and a personal computer that is actively connected to the internet.

On my PC there is DB2 installed on port 50000.

So, when I'm not at the office, how can I connect to DB2?

Solution one is to use SSH.

Here is the ssh command; it makes your local port reachable via the virtual machine in the cloud (a reverse tunnel).

$ ssh -nN  -R remote_port:127.0.0.1:local_port -i .ssh\private_key usrdebian@ip_public -p ssh_port


Edit the SSH server config on the cloud VM

$ sudo nano /etc/ssh/sshd_config

Enable GatewayPorts: find the line with GatewayPorts and set its value to yes. If it's commented out (starts with #), uncomment it and change no to yes. With yes, sshd binds remote-forwarded ports to all interfaces of the cloud VM instead of loopback only. Restart sshd afterwards so the change takes effect.

GatewayPorts yes
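As an added check (example script, not from the original post), the two functions below tell you which GatewayPorts value sshd will actually apply to a config file, and where the -R listener will therefore bind on the cloud VM. It goes a little beyond the text: sshd honours the first uncommented occurrence of a keyword, so a stale "GatewayPorts no" above your edit silently wins, and it also covers the third value, clientspecified. The config text is a constructed sample; the script assumes a plain sshd_config with no Match blocks or Include directives.

```shell
#!/bin/sh
# Added example, not part of the original post.
# Determines which GatewayPorts value sshd will actually apply and where a
# client's -R listener will therefore bind on the server.
# Assumption: a plain sshd_config with no Match blocks or Include directives.

# Read sshd_config text on stdin; print the effective GatewayPorts value.
# sshd honours the FIRST uncommented occurrence of a keyword, so a leftover
# "GatewayPorts no" above your edit silently wins; the default is "no".
effective_gatewayports() {
    value=$(awk '
        /^[[:space:]]*#/ { next }                        # comment line
        { gsub(/=/, " ") }                               # allow Key=Value form
        NF >= 2 && tolower($1) == "gatewayports" { print tolower($2); exit }
    ')
    printf '%s\n' "${value:-no}"
}

# $1: effective GatewayPorts value, $2: bind address the client gave in
# -R [bind_address:]port:host:hostport ("" when omitted, "*" for wildcard).
# Prints the address the forwarded port will listen on at the server side.
remote_forward_bind() {
    case "$1" in
        yes)  printf '0.0.0.0\n' ;;                      # wildcard, whatever the client asked
        clientspecified)
            case "$2" in
                ""|localhost|127.0.0.1) printf '127.0.0.1\n' ;;
                \*|0.0.0.0)             printf '0.0.0.0\n' ;;
                *)                      printf '%s\n' "$2" ;;
            esac ;;
        *)    printf '127.0.0.1\n' ;;                    # "no" (default): loopback only
    esac
}

# Constructed sample: the commented default, then an edit, then a stale duplicate.
SAMPLE_SSHD_CONFIG='#GatewayPorts no
Port 22
GatewayPorts yes
GatewayPorts no'

gw=$(printf '%s\n' "$SAMPLE_SSHD_CONFIG" | effective_gatewayports)
echo "effective GatewayPorts: $gw"
echo "-R *:2111:127.0.0.1:22 will listen on: $(remote_forward_bind "$gw" '*'):2111"
# On the cloud VM: sudo cat /etc/ssh/sshd_config | effective_gatewayports
```

Run it on the real file with `sudo cat /etc/ssh/sshd_config | effective_gatewayports`; if it prints "no" after you edited the file, look for an earlier uncommented GatewayPorts line.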

-----     -----     -----     -----     -----     -----     -----     -----     -----     -----

Special case-2 : 

I know SSH has a default timeout when there is no activity on the connection. The question is, how do you keep SSH alive? If you are using a private key that has a passphrase, you need to do this (but I don't guarantee it). In this case, I'm using a Debian Trixie container in Docker that runs on Windows 11.

Jump into your container, then:

$ cd ~/.ssh

If your private key comes from Windows and doesn't work properly in Linux (CRLF line endings), do this:

$ sed -i -e 's/\r//g' ~/.ssh/privatekey

$ cp ./privatekey ./privatekey-no-pswd

$ chmod 600 ~/.ssh/privatekey-no-pswd

Test the result :

$ ssh -i ~/.ssh/privatekey usrdebian@ip_public_cloud -p ssh_port_cloud

Now, remove the passphrase from the copied private key:

$ ssh-keygen -p -f ~/.ssh/privatekey-no-pswd

$ AUTOSSH_GATETIME=0 autossh -N -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -R '*:ssh_port_remote:127.0.0.1:ssh_port_local' -i ~/.ssh/privatekey-no-pswd usrdebian@ip_public_cloud -p ssh_port_cloud

If you want the tunnel to stay up permanently, as on a dedicated server, run it as a systemd service:

$ apt-get update && apt-get install autossh -y

$ mkdir -p /opt/ssh

$ touch /opt/ssh/sshd-proxy-p2111.sh

$ chmod +x /opt/ssh/sshd-proxy-p2111.sh

$ nano /opt/ssh/sshd-proxy-p2111.sh

Paste this into /opt/ssh/sshd-proxy-p2111.sh (systemd executes it directly, so it must be executable):

-----     -----     -----     -----     -----     -----     -----     -----     -----     -----

#!/bin/bash
# exec replaces this shell with autossh so systemd tracks autossh's PID directly.
# The -R spec is quoted so the shell does not glob-expand the leading '*'.
AUTOSSH_GATETIME=0 exec autossh -M 0 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -N -R '*:ssh_port_remote:127.0.0.1:ssh_port_local' -i ~/.ssh/privatekey-no-pswd usrdebian@ip_public_cloud -p ssh_port_cloud

-----     -----     -----     -----     -----     -----     -----     -----     -----     -----

Now, create a service :   sshd-proxy-p2111.service

$ touch /etc/systemd/system/sshd-proxy-p2111.service

$ nano /etc/systemd/system/sshd-proxy-p2111.service 

Paste this, into /etc/systemd/system/sshd-proxy-p2111.service

-----     -----     -----     -----     -----     -----     -----     -----     -----     -----

[Unit]
Description=SSH Proxy port 2111
After=network.target

[Service]
Type=simple

# Adjust these paths to your specific manual install
ExecStart=/opt/ssh/sshd-proxy-p2111.sh
# systemd runs Exec lines without a shell, so $(...) only works inside sh -c
ExecStop=/bin/sh -c 'kill -9 $(lsof -t -i:2111)'

# Optional: raise the open-file limit for this service
LimitNOFILE=65535

Restart=on-failure

[Install]
WantedBy=multi-user.target

-----     -----     -----     -----     -----     -----     -----     -----     -----     ----- 

$ systemctl daemon-reload

$ systemctl enable sshd-proxy-p2111.service

$ systemctl start sshd-proxy-p2111.service


Now, check port 2111 / ssh_port_remote on your local machine:

$ sudo netstat -tulpn | grep ssh_port_remote

And then check ssh_port_remote on your cloud VM:

$ ssh -i ~/.ssh/privatekey usrdebian@ip_public_cloud -p ssh_port_cloud

$ sudo netstat -tulpn | grep ssh_port_remote
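The two netstat checks above can be scripted. Below is an added example (not from the original post) that reads `netstat -tulpn` output and reports whether a port is absent, bound to loopback only, bound to all interfaces, or bound to one specific address, which is exactly the difference GatewayPorts makes on the cloud side. The netstat lines are a constructed sample, and the parser assumes netstat's usual column layout (Proto Recv-Q Send-Q Local Foreign State PID/Program).

```shell
#!/bin/sh
# Added example, not part of the original post.
# Classifies how a TCP port is exposed, from `netstat -tulpn` output, so the
# "is ssh_port_remote listening, and on which address?" check can be scripted
# on both the local box and the cloud VM.
# Assumption: netstat column layout Proto Recv-Q Send-Q Local Foreign State PID/Program.

# $1: TCP port to look for; `netstat -tulpn` output on stdin.
# Prints: absent | loopback | all | <specific bind address>
# If several sockets listen on the port, the widest exposure is reported.
listener_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            addr = $4
            p = addr; sub(/.*:/, "", p)                  # text after the last colon
            if (p != port) next
            bind = addr; sub(/:[^:]*$/, "", bind)        # everything before it
            if (bind == "127.0.0.1" || bind == "::1")                 { scope = "loopback"; rank = 1 }
            else if (bind == "0.0.0.0" || bind == "::" || bind == "*") { scope = "all";      rank = 3 }
            else                                                      { scope = bind;       rank = 2 }
            if (rank > best) { best = rank; found = scope }
        }
        END { print (best ? found : "absent") }
    '
}

# Constructed netstat -tulpn output: a reverse-forwarded sshd on 2111 bound to
# all interfaces (GatewayPorts yes), DB2 on loopback, sshd on 22 via IPv6 wildcard.
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:2111            0.0.0.0:*               LISTEN      1234/sshd: usrdebian
tcp        0      0 127.0.0.1:50000         0.0.0.0:*               LISTEN      987/db2sysc
tcp6       0      0 :::22                   :::*                    LISTEN      600/sshd: /usr/sbin
udp        0      0 0.0.0.0:68              0.0.0.0:*                           412/dhclient'

for port in 2111 50000 22 2112; do
    echo "port $port: $(printf '%s\n' "$SAMPLE_NETSTAT" | listener_scope "$port")"
done
# On a live host: sudo netstat -tulpn | listener_scope 2111
```

On the cloud VM you expect "all" for ssh_port_remote once GatewayPorts is yes; "loopback" means sshd is still applying the default and the tunnel is only reachable from the VM itself.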


Test the result :

$ ssh root@ip_public_cloud -p ssh_proxy_port_on_cloud

-----     -----     -----     -----     -----     -----     -----     -----     -----     -----


Done 
