Re: Somewhat OT -- Looking for ideas on how to test status of SSH TCP tunnel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/3/05, Bruce McPeek <brucem@xxxxxxxxxxxx> wrote:
>
>
> Hello,
>
> I am planning on setting up a TCP tunnel through an SSH connection between
> our Korean office's intranet and our US office's intranet. This tunnel will
> be used to provide a connection between a Perforce Proxy server in Korea and
> our main Perforce server (Redhat 9) in the US.
>
> The OS for Korean proxy server will be Redhat FC3 using OpenSSH. I may have
> to give up this server at some point in the future and go Windows as the
> underlying OS, if that happens I would like to use Plink (from the maker of
> PuTTY http://www.chiark.greenend.org.uk/~sgtatham/putty/).
>
> I plan to set up the account used to connect our SSH server to a pretty
> restricted state; no login shell and port forwarding restricted to a
> specific ip:port.
>
> I am planning to script the SSH connection on the client side to reconnect
> should the connection drop. This should be a fairly trivial task.
> Unfortunately I have seen long running SSH tunnels in a state where they
> appear to be connected but no data flows through the tunnel or to the login
> shell. I would like test for this condition in my script but I am unsure
> which approach to take.
>
> I could conceivably try to connect through the tunnel to the server using
> some utility but which one? I could conceivable try using the Perforce
> client but would rather not consume a license to do this. Perhaps I could
> open have a second tunnel open just to test the connection, but what would
> be good to use?
>

I don't know that there is a solution for this issue.

If I where you I would consider using OpenVPN (www.openvpn.net). It is
designed for this type pf application.  Has the ability to reconnect
if a connection is lost,  Can use certificatres is cross platform,
including having RPM available. Well supported and in active
development.

--
Leonard Isham, CISSP
Ostendo non ostento.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux