Indigo2 remote access via a SSH Tunnel

Posted on
Wed Dec 06, 2006 5:44 pm
nsosnicki offline
Posts: 168
Joined: Nov 14, 2004
Location: Boston, MA, US

(No subject)

gmusser wrote:
can I require that the client machine have a cryptographic key?


George, you can. I have found the easiest way to manage SSH keys (both client and server) to be "SSH Helper" (http://www.gideonsoftworks.com/sshhelper.html).

Posted on
Wed Dec 06, 2006 5:54 pm
snowjay offline
Posts: 274
Joined: Aug 09, 2006

(No subject)

gregjsmith wrote:
Do you have to use the IP of your home network or can you use a domain name?


Ooops, not sure how I missed these questions.

You can use a domain name. Many people used dyndns.com and have their router or mac dynamically update the ip address.

Posted on
Wed Dec 06, 2006 5:57 pm
snowjay offline
Posts: 274
Joined: Aug 09, 2006

Re: THANK YOU!!!

Rick8343 wrote:
Hey, this is great. Thank you for the extremely consise and easy to follow instructions. Never having SSH'ed before, I really apprecated the solid directions!

Questions:

1. I am about to start a new job, and will be gone for weeks at a time. That said, can I assume that this type of connection is relatively stable, meaning the IP addresses of my router and server will remain constant, so I don't loose the tunnel???

2. Having successfully done this now, I see this well laid-out page for my mobile device (thanks Matt). This begs the question, is it possible (assume so) and how hard is it to SSH from a Windows Smartphone??? Feel like writting an appendage to the tutorial?? :)

Again, thanks! Being able to control my house when i am halfway around the world will be great.

Rick

BTW - I'm a different Rick than the poster above.


#1 is dependant on your ISP. My ip address hardly changes but it occasionally will especially after an extended power outage. Look into using a service like dyndns.com that will keep a domain name updated with your current ip address so you don't have to worry about the ip address changing.

#2 I'm sure it's possible to do it from a Smartphone but I never ventured into it. Good idea though I'll try and look at it sometime.

Posted on
Wed Dec 06, 2006 6:12 pm
snowjay offline
Posts: 274
Joined: Aug 09, 2006

(No subject)

nsosnicki wrote:
gmusser wrote:
can I require that the client machine have a cryptographic key?


George, you can. I have found the easiest way to manage SSH keys (both client and server) to be "SSH Helper" (http://www.gideonsoftworks.com/sshhelper.html).


Nice little utility! Beats doing it manually!

Posted on
Sun Jan 28, 2007 3:56 pm
yergeyj offline
Posts: 260
Joined: Dec 29, 2004

Utility Confusion?

snowjay,

You mentioned at this start of this thread using SSH Tunnel Manager, which I set up and worked fine.

Following the thred further suggests that it is prudent to use a public/private key, and that SSH Helper is "a nice app" to set this up. Again, I did this and have the keys set up using the SSH Helper wizard.

The question is, will SSH Tunnel manager still work, and will it now use the keys set up with SSH Helper? Is there a way to know if it's using those keys??

Jim

P.S. Thanks for all of your help with ssh in the Indigo forum! Getting ssh set up seems like a really solid and secure way to use Indigo remotely.

Posted on
Sun Jan 28, 2007 4:12 pm
yergeyj offline
Posts: 260
Joined: Dec 29, 2004

(No subject)

:oops:
Sorry, I've answered my own question: YES!

I had closed the forwarding of port 22 on my router temporarily, so that's why SSH Tunnel Manager wasn't connecting.

When connected, it does use the public/private key set up with SSH Helper.

Thanks again for all of your help.

Jim

Posted on
Mon Jan 29, 2007 7:18 pm
matt (support) offline
Site Admin
User avatar
Posts: 21411
Joined: Jan 27, 2003
Location: Texas

(No subject)

FYI, we officially have rolled out the public beta of Prism. We have also started a new support forum section for discussing Prism related questions, feature requests, bugs, etc.

Please try it out and let us know how it works for you!

Regards,
Matt

Posted on
Fri Jul 27, 2007 3:24 pm
wikner offline
Posts: 181
Joined: Nov 02, 2003

(No subject)

Once you have SSHTM download and installed open it up.


I feel a bit stupid asking this question but... Do I install SSHTM on the host machine, the client machine or both?

Posted on
Fri Jul 27, 2007 8:32 pm
wikner offline
Posts: 181
Joined: Nov 02, 2003

I'm afraid I'm completely confused

Here is the dialog that goes up when I try to configure SSHTM:

Name:
Login:
Host: Port:
Local redirections
Port - LAN Host - Port
Remote redirections
Port - Remote Hose - Port

That's 10 things to enter. The program has no help (nor any on its web site that I can see); and there's more to enter than is given in the original post of this thread. I have downloaded version 2.0 (28). Could you give updated instructions?

Posted on
Sat Jul 28, 2007 3:58 am
matt (support) offline
Site Admin
User avatar
Posts: 21411
Joined: Jan 27, 2003
Location: Texas

Re: I'm afraid I'm completely confused

I've never used SSHTM, so hopefully someone else will chime in on your question. Are you trying to remotely access Indigo via the Cocoa GUI client, or do you want to access the built-in web server (Control Pages)? For the latter, I definitely recommend you give Prism Reflector a try. It will be the easiest to setup by far.

Regards,
Matt

Posted on
Sat Jul 28, 2007 6:43 am
wikner offline
Posts: 181
Joined: Nov 02, 2003

(No subject)

I do want to use the Cocoa GUI client, though I will definitely try Prism Reflector for the other. I am hopeful that snowjay will see this and post a reply. SSHTM sounds like a verly powerful and useful tool for many purposes other than Indigo. I guess I'm going to have to do some independant study of SSH; then maybe I'll understand what the field names mean.

Norman

Posted on
Sat Jul 28, 2007 9:29 am
nsosnicki offline
Posts: 168
Joined: Nov 14, 2004
Location: Boston, MA, US

(No subject)

This is a more complete explanation:

http://projects.tynsoe.org/en/stm/doc.php

STM is just a nice GUI for the command line SSH. In fact STM will show you what command line arguments it is actually using, if you are interested. If you know how the command line works, you can open a tunnel from any computer (assuming SSH is installed as it is on all Macs) without installing any software.

Anyway, STM is installed on the machine you are connecting from (the client).

Name: What do you want to call this connection; can be whatever you want

Login: Your user name on the machine you are connecting to (the server)

Host: The domain name or the IP of the server

Port: The port to connect to on the server. Leave blank to use the default (which is 22 BTW)

Local redirections: This is where you define what local port you want redirected to the server. What port you need to redirect will depend on what you are trying to do: 1176 for the Indigo client and 8000 for Indigo control pages (assuming default ports). Just to keep it simple, keep the local redirected port the same as the port on the server (although doesn't have to be):

Port: 8000
LAN Host: same as the host address above
Port :8000

Remote redirections: not needed if Indigo is running on the same machine that is exposed to the internet. Useful though, see the docs for a complete explanation.

Port - Remote Hose - Port

Posted on
Mon Jul 14, 2008 9:38 am
bob offline
User avatar
Posts: 500
Joined: Jun 14, 2006

(No subject)

For you Intel users - an Intel version of SSH Tunnel Manager can be found here:

http://www.duc.scrapping.cc/dl_tunes.html

bob

Posted on
Fri Aug 22, 2008 9:01 am
jchiar offline
Posts: 56
Joined: Apr 27, 2005

(No subject)

gmusser wrote:
snowjay, what a great tutorial. One question: is there any way to have stronger authentication than a password? For instance, can I require that the client machine have a cryptographic key?
George




Since i assume the SSH is using the build in MAC OS ssh, yes it can be tweaked to use keys.

However, by default MAC os allows password also.

Ive been researching this online for other SSH needs i have, but it involves some file editing that i havent quite figured out.

But yes, you can disable password authentication and use keys only..

(PS Thanks for the tutorial)

Who is online

Users browsing this forum: No registered users and 4 guests

cron