SSH tunnel with RDP on open ports

[McCloud]

Hey guys,

I spent a lot of time trying to figure this out, but I would really need some help.
Just for testing purposes I've set up two virtual machines - a server and a PC - connected internally.
I've set up a SSH tunnel, using FreeSSHd and Putty. Yesterday I managed to get a connection successfully, but today it doesn't work anymore, saying access is denied after I enter the username and password. I am using the option 'Password stored as SHA1 hash' on the server, because for NT authentication, the option to enter a password wasn't there. I don't get this. The firewall is turned off for the moment.
It's kind of frustrating, because only yesterday it worked.

Can you help me out? I can provide any additional info if necessary.
Thanks

[lucid]

Well have you change anything since it worked last? Anything at all? I noticed that you have the port set to 443. This is fine, but only as long as there's actually a server listening on that port.

[McCloud]

Well have you change anything since it worked last? Anything at all? I noticed that you have the port set to 443. This is fine, but only as long as there's actually a server listening on that port.

Well I don't think I changed anything..
The truth is, that it was 3 o'clock in the morning and I was drunk when I was messing with it - pleased with the fact that I could at least get a connection, I went to bed.
This morning I was trying to get it back on and it didn't work..


//Edit:
So after doing some further testing (I am spending way too much time on this - that's what I hate (and love) about computers... it is somehow working. The problem was, that I had to completely deload the ssh client on the server first. So:
1. no matter what's happening with the firewall, when using port 443 it won't even start - "the specified address is already in use".
2. when the firewall is completely turned off I can go through whatever port
3. when it's on, I have to make an inbound rule for the port I want to run it through.
4. I found some pre-defined rules for ports 80 and 443 that I allowed, but it still didn't work (I had to manually create a rule for port 80)



I created a tunnel for port 443 and RDP - so I was able to remotely connect to the server via 127.0.0.1:443 - which is what I want and need.



Tomorrow I will try to set this up in a real life environment...
I am still not sure why it doesn't allow me to get a SSH through port 443 or why it needs port 80 to be open (when that should be open by default I guess).


Thanks for help lucid.

[proxx]

Alright, lets go through the basics than.
-Can you connect on a regular SSH shell?
-Are the ports all open ? scan , telnet the port or whatever.
-Can you telnet on RDP localhost?
-Use plain authentication instead of certs and test.


Show evidence
Must say that putty is a very old piece of brick if you ask me.

[McCloud]

Is there any better software for this? I'd be happy to move over.


Here's a scan on the ports:
From speedguide.net/portscan
From portcheckers.com/port-scanner


not sure if that helps with anything..


I am not using the default auth just because it doesn't allow me to enter any password - but Putty still requires password when connecting - and I don't know what to enter image
With using the 2nd option I can enter my own password. image


And what you mean telnet on RDP localhost? When connected via SSH I can use RDP with 127.0.0.1:443 as I described above. When I connect via telnet, it doesn't work - but I though telnet is just for text, so I wouldn't expect it to. But I guess I just misinterpreted your question

[proxx]

Oh boy , where do I start.

LOCALHOST
^     ^
R     2
D     2
P     S
3     S
3    H
8    |
9    |
      -------------- client connects to this port

First of all is that port open?
Second, can you connect into a shell from putty?

We can clear out the networking part when we know that this is the case.



_________________________________________
With telnet I meant using this;
telnet localhost 3389
or
telnet localhost 22
(you will see a SSH banner)

You will have a blank prompt which will allow you to see if the port is actually listening, its bascically a TCP handshake test.

                   

[McCloud]

None of the ports are open by default. As I mentioned, I turned off the whole firewall just so I don't have to open all the ports manually - or I can have the firewall on and create an inbound rule for whatever port I want to use SSH on. Shell from putty works either way.


For the telnet (I had to enable the feature first though) this is what I got in cmd:



For port 3389 I just got a blank screen.


// a little update on the ports.. because that online tool was kind of shitty.
I just run a port scan locally and here's what I got..
Removed link since you where posting your own address here,you don't wanna do that.

[McCloud]

               

Ok, so I tried to connect to my computer at home. I did the initial set-up via Teamviewer (with the help of my brother). When using the default ssh port 22 it could not start, giving me an error that the 'specified address is already in use' - where the hell is it in use?


Then I tried port 80 - same error. But when I closed skype, it started without problem - again, strange, because if it was really interfering with something, I was running teamviewer too, which uses port 80 too.


Once I got the ssh server running I tried to connect with putty. I used both the external and internal (just to be sure) IP address of the computer at home.. even tried to turn off the firewall and forwarded the ports in router settings. I just got this error.


Why the fuck does it have to be so complicated? Or am I doing something wrong?
Thanks a lot.

[proxx]

Plz don't double post just edit it in.
I wouldn't mind helping you but it looks like you are lacking some fundamentals which make what you try to do look like trying random combinations till it works.
Something you would want to look up:
Basic workings of the IP stack.
NAT
Routing

Try it locally, dont make it all hard on yourself.
Run 2 machines in the same network.

[0E 800]

So you have a Host machine running 2 guest vms or your Host box is a server and you have 1 guest vm?

What OS is the host box, what os is the 2 guest vms?


What virtualization software are you using? Virtbox, Vmware?

Is your host connected to the internet?

Are your VM's set to NAT or Bridged?

What is the purpose of this; what do you aim to achieve here?
Are you just trying to setup a small network and you want VM #1 to connect to VM #2?
Or are you just trying to use putty to connect your host machine to your guest vm?

[McCloud]

Alright, sorry about the double-post.
And you are kind of right I am trying every possible option just to see what works.
But I don't think establishing a SSH connection requires that much actual theoretical knowledge - although it would be very useful, as I am pretty new to this indeed.

The purpose of this thing: I am behind a university network that is restricted as hell. I need to get ftp access to do work and need torrents to get software (that I lost when my notebook crashed) - to do some more work. And I don't want the fat IT guys at the uni spying on me as well   So I am in quite a hurry.

As described in my post before, I was trying to establish a SSH connection between two machines running in a virtual environment (VirtualBox). One Windows Server 2012, one Win7 - connected on an internal network.
As I wrote, I did manage to get the connection, that's why I wanted to try a real life scenario, so I tried to connect to my notebook at home (not uni campus, like real home-outside of UK )
But here I failed. Some things that are not clear to me I've mentioned in the previous post.

[0E 800]

If you are trying to ssh into a computer on your universities lan from your home, you would need to access the universities firewall and open that port or request remote gateway connection. Your best bet is to use teamviewer for remote connections to your universities computer.

A ssh connection is not theoretical.

This might be helpful for you to review, there might be something similar for your own university:

• http://computing.help.inf.ed.ac.uk/connecting-home-overview
  
• http://www.cl.cam.ac.uk/local/sys/ssh/
  

Also for your reading pleasure:

• http://askubuntu.com/questions/437811/cannot-connect-to-university-computer-via-ssh-over-a-vpn-connection-to-my-uni-n
  
• http://www.linuxjournal.com/content/ssh-tunneling-poor-techies-vpn
  
• https://www.srvdir.net/
  
  

[RedBullAddicted]

Still don't get what you are trying to do. You want to ssh to your machine or do you want to tunnel rdp through ssh? Anyways, if you want to tunnel rdp through ssh from a machine inside the university network to your computer at home there are several things you need to do/know.

• Check if you can access machines outside your universities network on tcp/22
• If 1. fails you can try to set your ssh server at home to listen on tcp/80, maybe that helps
• Get a dynamic dns record for your dynamic public ip address
• Configure PAT for your ssh port on your router or configure nat.. whatever you want
• If your router has a firewall you need to configure that as well to allow inbound traffic to your internal machine on the configured port
• If your ssh server has a firewall you need to configure that as well
• open Putty and enter your dynamic dns name and the configured port of your ssh server on the first page
• go to the ssh settings and check the "enable compression" check box
• add a port forwarding entry in the ssh->tunnels section (you need to enter the internal ip address and port of your machine you want to rdp to)
• start the connection, open your rdp client and enter localhost:port (the port you entered in the tunnel section)

and thats all. For the tunnel rdp over ssh part you can have a look at this. Its a bit more detailed (and with pictures)

Code: [Select]

http://klinkner.net/~srk/techTips/ssh-remote/

Have fun

[McCloud]

Great, thanks for the instructions...
What I am trying to do is bypass the university network firewall and restrictions. Since VPN, proxy and all the ports are disabled, the only option is to go through SSH on port 80 (+ rdp so I can easily operate the PC at home).
That way I can connect to my PC at home and do all the work and downloads there. Or maybe just route all of the traffic through that tunnel. I am not sure if that's possible. (Now my priority is just to get a connection).


So I think your point 3. is the key here. I didn't do that before. I just entered the public IP straight in (since it doesn't change much/not at all).
I will get through all the advice links you provided with 0E 800 and will see how it goes.
For rdp over port 443 I was using this article which is also quite short and simple.


But again, thanks for help

[proxx]

Great, thanks for the instructions...
What I am trying to do is bypass the university network firewall and restrictions. Since VPN, proxy and all the ports are disabled, the only option is to go through SSH on port 80 (+ rdp so I can easily operate the PC at home).
That way I can connect to my PC at home and do all the work and downloads there. Or maybe just route all of the traffic through that tunnel. I am not sure if that's possible. (Now my priority is just to get a connection).


So I think your point 3. is the key here. I didn't do that before. I just entered the public IP straight in (since it doesn't change much/not at all).
I will get through all the advice links you provided with 0E 800 and will see how it goes.
For rdp over port 443 I was using this article which is also quite short and simple.


But again, thanks for help

Not so long ago some people asked me how to bypass certain shit on some big coporate network.
Figured they would allow traffic out to certain ports such as port 80, when I tried just running RDP on port 80 it didnt work since they do some sort of packet inspection.
By setting up a squid proxy on the other side and using some sort of proxifier on the windows box we solve this problem.
The traffic got encapsuled with HTTP headers and was allowed to go through the firewall, dirt easy.


With SSHFS you can setup a shared folder over an SSH tunnel.
If you want to pull traffic over it works just fine(set encryption low as redbull suggested), you don't want to watch movies over an RDP session, it'll suck.
Won't be fast but can be stable and 'secure'