netstat -an | grep 59010
tcp 0 0 0.0.0.0:59010 0.0.0.0:* LISTEN
tcp 0 0 ku.ku.ku.ku:59010 178.178.94.129:63363 SYN_RECV
tcp6 0 0 :::59010 :::* LISTEN
debug1: connect_next: start for host 127.0.0.1 ([127.0.0.1]:5901)
debug1: connect_next: connect host 127.0.0.1 ([127.0.0.1]:5901) in progress, fd=4
debug1: channel 0: new forwarded-tcpip [178.178.94.129] (inactive timeout: 0)
debug1: confirm forwarded-tcpip
debug1: channel 0: connection failed: Connection refused
connect_to 127.0.0.1 port 5901: failed.
debug1: channel 0: free: 178.178.94.129, nchannels 1
debug1: client_input_channel_open: ctype forwarded-tcpip rchan 2 win 2097152 max 32768
debug1: client_request_forwarded_tcpip: listen 0.0.0.0 port 59010, originator 178.178.94.129 port 31570
netstat -lntup | grep LISTEN
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 1197/unbound
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 37222/sshd
<b>tcp 0 0 0.0.0.0:59000 0.0.0.0:* LISTEN 35973/sshd: astar</b>
netstat -lntup | grep LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1071/cupsd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1077/sshd: /usr/sbi
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 849/systemd-resolve
tcp 0 0 0.0.0.0:5355 0.0.0.0:* LISTEN 849/systemd-resolve
tcp 0 0 127.0.0.54:53 0.0.0.0:* LISTEN 849/systemd-resolve
tcp6 0 0 :::22 :::* LISTEN 1077/sshd: /usr/sbi
<b>tcp6 0 0 :::5900 :::* LISTEN 2022/gnome-remote-d </b>
tcp6 0 0 :::5355 :::* LISTEN 849/systemd-resolve
tcp6 0 0 ::1:631 :::* LISTEN 1071/cupsd
<b>tcp6 0 0 :::3389 :::* LISTEN 2022/gnome-remote-d </b>
tcp 0 0 0.0.0.0:59000 0.0.0.0:* LISTEN 28917/sshd: astar
ps -eF | grep 28913
root 28913 37222 0 38182 5468 0 10:22 ? 00:00:00 <b>sshd: astar [priv]</b>
astar 28917 28913 0 38182 2300 0 10:22 ? 00:00:00 sshd: astar
sh -v -N -R 10.0.0.1:59000:127.0.0.1:5900
sh -v -N -R 0.0.0.0:59000:127.0.0.1:5900
OpenSSH_9.3p1, OpenSSL 3.1.1 30 May 2023
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: configuration requests final Match pass
debug1: re-parsing configuration
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: Connecting to astarsrv [94.177.229.32] port 22.
debug1: Connection established.
debug1: identity file /home/astar/.ssh/id_rsa type -1
debug1: identity file /home/astar/.ssh/id_rsa-cert type -1
debug1: identity file /home/astar/.ssh/id_ecdsa type -1
debug1: identity file /home/astar/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/astar/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/astar/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/astar/.ssh/id_ed25519 type -1
debug1: identity file /home/astar/.ssh/id_ed25519-cert type -1
debug1: identity file /home/astar/.ssh/id_ed25519_sk type -1
debug1: identity file /home/astar/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/astar/.ssh/id_xmss type -1
debug1: identity file /home/astar/.ssh/id_xmss-cert type -1
debug1: identity file /home/astar/.ssh/id_dsa type -1
debug1: identity file /home/astar/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: compat_banner: match: OpenSSH_7.4 pat OpenSSH_7.4* compat 0x04000006
debug1: Authenticating to astarsrv:22 as 'astar'
debug1: load_hostkeys: fopen /home/astar/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: kex: curve25519-sha256 need=32 dh_need=32
debug1: kex: curve25519-sha256 need=32 dh_need=32
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:bla_bla_bla_bla
debug1: load_hostkeys: fopen /home/astar/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'astarsrv' is known and matches the ED25519 host key.
debug1: Found key in /home/astar/.ssh/known_hosts:1
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 4294967296 blocks
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 1 keys
debug1: Will attempt key: astar@adminnote ED25519 SHA256:bla_bla_bla_bla_bla
debug1: Will attempt key: /home/astar/.ssh/id_rsa
debug1: Will attempt key: /home/astar/.ssh/id_ecdsa
debug1: Will attempt key: /home/astar/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/astar/.ssh/id_ed25519
debug1: Will attempt key: /home/astar/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/astar/.ssh/id_xmss
debug1: Will attempt key: /home/astar/.ssh/id_dsa
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: No credentials were supplied, or the credentials were unavailable or inaccessible
No Kerberos credentials available (default cache: KCM:)
debug1: No credentials were supplied, or the credentials were unavailable or inaccessible
No Kerberos credentials available (default cache: KCM:)
debug1: Next authentication method: publickey
debug1: Offering public key: astar@adminnote ED25519 SHA256:bla_bla_bla agent
debug1: Server accepts key: astar@adminnote ED25519 SHA256:bla_bla_bla agent
Authenticated to astarsrv ([my_vps_white_ip]:22) using "publickey".
debug1: pkcs11_del_provider: called, provider_id = (null)
debug1: Remote connections from 10.0.0.1:59000 forwarded to local address 127.0.0.1:5900
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: filesystem
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: client_input_hostkeys: searching /home/astar/.ssh/known_hosts for astarsrv / (none)
debug1: client_input_hostkeys: searching /home/astar/.ssh/known_hosts2 for astarsrv / (none)
debug1: client_input_hostkeys: hostkeys file /home/astar/.ssh/known_hosts2 does not exist
debug1: client_input_hostkeys: host key found matching a different name/address, skipping UserKnownHostsFile update
debug1: pledge: network
debug1: Remote: Forwarding listen address "10.0.0.1" overridden by server GatewayPorts
debug1: remote forward success for: listen 10.0.0.1:59000, connect 127.0.0.1:5900
edoraWorkstation (default, active)
target: default
ingress-priority: 0
egress-priority: 0
icmp-block-inversion: no
interfaces: enp0s20f0u3 enp1s0
sources:
services: dhcpv6-client mdns samba-client ssh
ports: 1025-65535/udp 1025-65535/tcp
protocols:
forward: yes
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
С другой стороны, при организации обратного туннеля мы настраиваем прослушивающий порт на удалённом сервере, который будет подключаться обратно к локальному порту на нашем localhost (или другой системе):
localhost:~$ ssh -v -R 0.0.0.0:1999:127.0.0.1:902 192.168.1.100 user@remoteserver
0.0.0.0:3389:127.0.0.1:3389
Что мешает подключить TARGET_COMP через Wireguard и использовать обычную маршрутизацию и локальную подсеть wireguard для коммуникации?
А так правильное уточнение -- если "внутри" протокола где-то на 4-7 уровне есть критерии, позволяющие отделить одно от другого.
protected $signature =
'lychee:create_user' .
'{username : username of the new user} ' .
'{password : password of the new user} ' .
'{--may-edit-own-settings : user can edit own settings} ' .
'{--may-upload : user may upload} ' .
'{--may-administrate : user is an admin} ';
PHP Warning: Module "pgsql" is already loaded in Unknown on line 0
Could not open input file: lychee:create_user
до меня дошло что usb свисток ZTE M78U это по сути роутер, который на LAN организовывает ethernet сеть 192.168.0.0/24 и WAN с динамическим IP, но внутрь то он не пускакает!
сделал проброс порта 5901 на fedora39
это до меня дошло раньше, делал проброс и 5900 и 3389 но не шло, а с TigerVNC вроде как что то зашевелилось