Coaching to ssh port forward an NNTP connection

Coaching to ssh port forward an NNTP connection

[Harry Putnam]

I'm completely lost trying to understand how port forwarding with ssh
might do what I'd like to do.

Currently my normal ISP (direcpath) has been banned at
new.gmane.org... I'm not sure what is going on but at least one other
person has posted on gmane.emacs.gnus.user that they were having a
similar problem.

Until the problem gets cleared up, I'd Like to try to use ssh to trick
news.gmane.org into thinking the connection is from s remote machine I
have access to that is not in direcpath domain.  The idea being that I
could sit at my desktop.  Fire up emacs/gnus but the nntp conversation
is running in a ssh tunnel to the remote machine and from there to
news.gmane.org

I do not have root at the remote machine but I recall long long ago
doing something similar with that same remote and home desktop but at
that time it didn't involve nntp.  

Trouble is I cannot remember the first thing about how it was done or
find any notes I may have kept... this has been 10 or more yrs ago.

Can anyone give an outline of how something like that might be done?

Re: Coaching to ssh port forward an NNTP connection

[Abramov Aleksey]

Harry Putnam <reader@jtan.com> writes:

> I'm completely lost trying to understand how port forwarding with ssh
> might do what I'd like to do.
>
> Currently my normal ISP (direcpath) has been banned at
> new.gmane.org... I'm not sure what is going on but at least one other
> person has posted on gmane.emacs.gnus.user that they were having a
> similar problem.
>
> Until the problem gets cleared up, I'd Like to try to use ssh to trick
> news.gmane.org into thinking the connection is from s remote machine I
> have access to that is not in direcpath domain.  The idea being that I
> could sit at my desktop.  Fire up emacs/gnus but the nntp conversation
> is running in a ssh tunnel to the remote machine and from there to
> news.gmane.org
>
> I do not have root at the remote machine but I recall long long ago
> doing something similar with that same remote and home desktop but at
> that time it didn't involve nntp.  
>
> Trouble is I cannot remember the first thing about how it was done or
> find any notes I may have kept... this has been 10 or more yrs ago.
>
> Can anyone give an outline of how something like that might be done?
>

To create an ssh tunnel is pretty easy. 

# ssh -ANf -L5119:news.gmane.org:119 router.example.com

# telnet localhost 5119
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
200 news.gmane.org InterNetNews NNRP server INN 2.5.1 ready (posting ok)
Connection closed by foreign host.

There could be only one problem, TCP forwarding shouldn't be disabled in
sshd which you are connecting to. 

In my case the interesting thing is that, there is a http proxy before
router. =) 

-- 
Sincerely,
Abramov Aleksey.

Re: Coaching to ssh port forward an NNTP connection

[Harry Putnam]

Abramov Aleksey <levenson@mmer.org> writes:


[...]

>> Trouble is I cannot remember the first thing about how it was done or
>> find any notes I may have kept... this has been 10 or more yrs ago.
>>
>> Can anyone give an outline of how something like that might be done?
>>
>
> To create an ssh tunnel is pretty easy. 
>
> # ssh -ANf -L5119:news.gmane.org:119 router.example.com
>
> # telnet localhost 5119
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> 200 news.gmane.org InterNetNews NNRP server INN 2.5.1 ready (posting ok)
> Connection closed by foreign host.
>
> There could be only one problem, TCP forwarding shouldn't be disabled in
> sshd which you are connecting to. 
>
> In my case the interesting thing is that, there is a http proxy before
> router. =) 

In the command line you show above, what role does router.example.com
play? Are -L and router.example.com the same host 

Do any of the participating hosts require root to do that?

Re: Coaching to ssh port forward an NNTP connection

[Herbert J. Skuhra]

On Tue, 27 Aug 2013 12:57:35 -0400
Harry Putnam wrote:

> Abramov Aleksey <levenson@mmer.org> writes:
> 
> 
> [...]
> 
> >> Trouble is I cannot remember the first thing about how it was done or
> >> find any notes I may have kept... this has been 10 or more yrs ago.
> >>
> >> Can anyone give an outline of how something like that might be done?
> >>
> >
> > To create an ssh tunnel is pretty easy. 
> >
> > # ssh -ANf -L5119:news.gmane.org:119 router.example.com
> >
> > # telnet localhost 5119
> > Trying 127.0.0.1...
> > Connected to localhost.
> > Escape character is '^]'.
> > 200 news.gmane.org InterNetNews NNRP server INN 2.5.1 ready (posting ok)
> > Connection closed by foreign host.
> >
> > There could be only one problem, TCP forwarding shouldn't be disabled in
> > sshd which you are connecting to. 
> >
> > In my case the interesting thing is that, there is a http proxy before
> > router. =) 
> 
> In the command line you show above, what role does router.example.com
> play? Are -L and router.example.com the same host 

% man ssh

Have you tried?

> Do any of the participating hosts require root to do that?

Yes, e.g: if you try to listen to a privileged port.

-- 
Herbert

Re: Coaching to ssh port forward an NNTP connection

[Harry Putnam]

"Herbert J. Skuhra" <hskuhra@eumx.net> writes:

> On Tue, 27 Aug 2013 12:57:35 -0400
> Harry Putnam wrote:
>
>> Abramov Aleksey <levenson@mmer.org> writes:
>> 
>> 
>> [...]
>> 
>> >> Trouble is I cannot remember the first thing about how it was done or
>> >> find any notes I may have kept... this has been 10 or more yrs ago.
>> >>
>> >> Can anyone give an outline of how something like that might be done?
>> >>
>> >
>> > To create an ssh tunnel is pretty easy. 
>> >
>> > # ssh -ANf -L5119:news.gmane.org:119 router.example.com
>> >
>> > # telnet localhost 5119
>> > Trying 127.0.0.1...
>> > Connected to localhost.
>> > Escape character is '^]'.
>> > 200 news.gmane.org InterNetNews NNRP server INN 2.5.1 ready (posting ok)
>> > Connection closed by foreign host.
>> >
>> > There could be only one problem, TCP forwarding shouldn't be disabled in
>> > sshd which you are connecting to. 
>> >
>> > In my case the interesting thing is that, there is a http proxy before
>> > router. =) 
>> 
>> In the command line you show above, what role does router.example.com
>> play? Are -L and router.example.com the same host 
>
> % man ssh
> Have you tried?

Had I found something I understood there I would not have posted.

I have a remote shell account that I can use as the gateway and in
fact have been able to successfully set that up for http:

  ssh -L 8080:www.google.com:80 some.host.com <==remote shell account

When I run the command it logs me into my remote shell account

Then from a different xterm:
lynx localhost:8080 connects to google thru my remote shell account.

For gnus I tried:
ssh -L 5119:news.gmane.org:119 some.host.com

However when I attempt that with gnus, I'm told:
  >>> (error localhost:5119/nntp node name or service name not known)
  nntp (localhost:5119) open error: '>>> (error localhost:5119/nntp
  node name or service name not known)'

I wasn't sure what to put in gnus but I vaguely remember doing
something like:
   (setq gnus-select-method '(nntp "localhost:5119"))

But that is what got the error above.

Telnet can see localhost 5119 and show new.gmane.org is there.

So maybe its just a matter of getting the right syntax in gnus.

Re: Coaching to ssh port forward an NNTP connection

[Adam Sjøgren]

Harry Putnam <reader@newsguy.com> writes:

>    (setq gnus-select-method '(nntp "localhost:5119"))

That looks like a guess.

How does:

  (setq gnus-select-method '(nntp "localhost" (nntp-port-number 5119)))

work?

See http://www.gnus.org/manual/gnus_171.html


  Best regards,

    Adam

-- 
 "I hope you're not going to ask me to explain a              Adam Sjøgren
  title."                                                asjo@koldfront.dk

Re: Coaching to ssh port forward an NNTP connection

[Harry Putnam]

asjo@koldfront.dk (Adam Sjøgren) writes:

> Harry Putnam <reader@newsguy.com> writes:
>
>>    (setq gnus-select-method '(nntp "localhost:5119"))
>
> That looks like a guess.
>
> How does:
>
>   (setq gnus-select-method '(nntp "localhost" (nntp-port-number 5119)))
>
> work?

Good, thank you

> See http://www.gnus.org/manual/gnus_171.html
>

I'm not sure I would have realized what was necessary just by looking
at that.. although after your message I can see the info is there.

I guess I was expecting gnus to follow the standard way to set a port to
a host `host:port'