Prev: detachtty problems
Next: problem loading trivial-features ...
From: Pascal J. Bourguignon on 12 Jul 2010 05:41
"Captain Obvious" <udodenko(a)users.sourceforge.net> writes:

> HB> I started a swank server in emacs/sbcl. in windows.
> HB> I'm trying to make a tunnel with putty on port 4005
> HB> but I always get: connection refused.
> HB> I'm trying to connect to the same machine for practice..
> HB> Why I can't even open a tunnel in putty ?
>
> I guess you're doing it wrong.
> But I don't know how exactly because you didn't say.
>
> If you're trying to connect to the same machine, then I guess you
> could mess up ports.
>
> To begin with, do you have SSH server on your Windows machine? Because
> you need this to connect via ssh.
> Make sure that you can connect before trying tunnels.
>
> Next thing: ports. Let's say your SLIME server is listening on
> localhost:4005. (That's default.)
>
> If you're using same machine. you cannot tunnel it to port 4005
> because port 4005 is already taken.
> Thus you need to tunnel it to some other port, say, localhost:5005.

This is not correct.

You cannot tunnel to port 4005 on a GIVEN interface only if this port
is taken on THIS interface.

But two different programs may work on PORTS having the same numbers,
as long as they do so on different INTERFACES.

So, if slime uses localhost:4005, no process outside of the system may
connect to it, and you can create a tunnel from another, public,
interface on a port of same number, to this localhost:4005 port.


# We launch a server on localhost:4005:
[pjb(a)kuiper :0.0 ~]$ ./server.lisp local localhost 4005

# We try to connect on a public interface kuiper:4005, it fails:
[pjb(a)kuiper localhost:10.0 ~]$ echo Hi | nc kuiper 4005
nc: unable to connect to address kuiper, service 4005

# We establish a local tunnel from the public interface to the private one:
[pjb(a)kuiper :0.0 ~]$ ssh -v -L kuiper:4005:localhost:4005 kuiper

# We can see that two different programs have a tcp/ip socket on ports having the same number:
[pjb(a)kuiper :0.0 ~]$ sudo netstat -tnpl | grep 4005
tcp 0 0 192.168.7.2:4005 0.0.0.0:* LISTEN 29670/ssh
tcp 0 0 127.0.0.1:4005 0.0.0.0:* LISTEN 29661/lisp.run

# Now we can connect either locally or remotely:
[pjb(a)kuiper localhost:10.0 ~]$ echo Hello | nc localhost 4005

# and the server shows:
Server local (localhost:4005) received from 127.0.0.1:4005 line "Hello"

# or:
[pjb(a)galatea :0.0 ~]$ echo From galatea | nc kuiper 4005

# and the server shows:
Server local (localhost:4005) received from 127.0.0.1:4005 line "From galatea"



Now, of course, this opens up a security breach, since any body can
connect to the localhost:4005 port thru the public interface. This is
not what you should do.


What you should do, is to establish a tunnel from your workstation to
the swank machine:

[user(a)workstation :0.0 ~]$ ssh -v -L 4005:localhost:4005 swank.machine

Then you can run slime on your workstation as if swank was local:

[user(a)workstation :0.0 ~]$ emacs
M-x slime-connect RET RET RET

--
__Pascal Bourguignon__ http://www.informatimago.com/
From: Captain Obvious on 12 Jul 2010 07:37
??>> If you're using same machine. you cannot tunnel it to port 4005
??>> because port 4005 is already taken.
??>> Thus you need to tunnel it to some other port, say, localhost:5005.

PJB> This is not correct.

PJB> You cannot tunnel to port 4005 on a GIVEN interface only if this port
PJB> is taken on THIS interface.

Yup. I've simplified this a bit.

I don't know whether Putty can bind listening socket to anything but
localhost. In GUI it just says "Source port:", not "source interface and
port".
So in context of discussing Putty interfaces are totally irrelevant. (Not to
mention that I'm not particularly enthusiastic in giving lectures on
sockets, interfaces and TCP/IP.)

Using different port is just an easier solution -- it just works.

PJB> So, if slime uses localhost:4005, no process outside of the system may
PJB> connect to it, and you can create a tunnel from another, public,
PJB> interface on a port of same number, to this localhost:4005 port.

Or you can just specify correct interface in swank configuration. You don't
need SSH for this, really.

From: blandest on 12 Jul 2010 10:11
I thought that ssh was also useful for encryption, not just tunneling :)
From: Captain Obvious on 12 Jul 2010 12:52
b> I thought that ssh was also useful for encryption, not just tunneling
b> :)

And your point is?
From: blandest on 13 Jul 2010 05:02
Well taken.
First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4 5
Prev: detachtty problems
Next: problem loading trivial-features ...