Mailinglist Archive: opensuse-buildservice (193 mails)
| < Previous | Next > |
Re: [opensuse-buildservice] Using osc behind a ssh tunnel (solved)
- From: David Mayr <dmayr@xxxxxxx>
- Date: Mon, 2 Apr 2007 18:07:11 +0200
- Message-id: <200704021807.11644.dmayr@xxxxxxx>
Hi David,
Am Montag, 2. April 2007 16:42 schrieb Andreas Bauer:
> On Monday, 2. April 2007 06:16, David Cournapeau wrote:
> > Is there a way to use osc through a ssh tunnel ? The problem is that
> > my university's proxy configuration is causing all kind of problems (osc
> > connections hang up), and one way to avoid the proxy is to use a ssh
> > tunnel to one of the university's machine with direct access to the
> > internet.
> > Basically, I would need to tell osc to connect to localhost at a
> > certain port, which would be redirected to api.opensuse.org:443 through
> > the ssh tunnel. In the $HOME/.oscrc, there is a comment about changing
> > api.opensuse.org to a different server, but without enough details to
> > make it work ?
>
> To use another apiserver, you have to add another section in .oscrc similar
> to the api.opensuse.org section:
> [localhost:8888]
> user = youruser
> pass = yourpass
>
>
> then you can change the apisrv setting to
> apisrv = localhost:8888
>
> However, I tried it, and didn't get it to work. The only thing I got as
> response from the server was an opening bracket, no matter what request I
> sent. Maybe it's a problem with ichain. OTOH, I have zero clue about ssh
> tunnels, so I could be doing something wrong what is obvious to someone
> more experienced. So please try it.
OK, I got it work:
First, you need to start your ssh tunnel. You need to have a host
(here 'ssh.reachable.host') outside your network, that can connect to
api.opensuse.org:443 without limitations:
ssh -L 9999:api.opensuse.org:443 ssh.reachable.host
Then edit your /etc/hosts to have a line like the following - this is
important because 1. the ssl certificate needs to be accepted by osc
(hostname must be the same as in the certificate) and 2. the api-webserver
needs to be called by it's real name (to choose the right vhost). Also
remember to revert this step if you would like to connect to api.opensuse.org
the normal way (without the ssh tunnel) again:
127.0.0.1 localhost api.opensuse.org
After that, edit your ~/.oscrc like this:
apisrv = api.opensuse.org:9999
[api.opensuse.org:9999]
user = yourusername
pass = yourpassword
Then osc should work even in your 'buggy' network :-)
Have a lot of fun...
--
David Mayr, http://davey.de
openSUSE LINUX, http://opensuse.de
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx
Am Montag, 2. April 2007 16:42 schrieb Andreas Bauer:
> On Monday, 2. April 2007 06:16, David Cournapeau wrote:
> > Is there a way to use osc through a ssh tunnel ? The problem is that
> > my university's proxy configuration is causing all kind of problems (osc
> > connections hang up), and one way to avoid the proxy is to use a ssh
> > tunnel to one of the university's machine with direct access to the
> > internet.
> > Basically, I would need to tell osc to connect to localhost at a
> > certain port, which would be redirected to api.opensuse.org:443 through
> > the ssh tunnel. In the $HOME/.oscrc, there is a comment about changing
> > api.opensuse.org to a different server, but without enough details to
> > make it work ?
>
> To use another apiserver, you have to add another section in .oscrc similar
> to the api.opensuse.org section:
> [localhost:8888]
> user = youruser
> pass = yourpass
>
>
> then you can change the apisrv setting to
> apisrv = localhost:8888
>
> However, I tried it, and didn't get it to work. The only thing I got as
> response from the server was an opening bracket, no matter what request I
> sent. Maybe it's a problem with ichain. OTOH, I have zero clue about ssh
> tunnels, so I could be doing something wrong what is obvious to someone
> more experienced. So please try it.
OK, I got it work:
First, you need to start your ssh tunnel. You need to have a host
(here 'ssh.reachable.host') outside your network, that can connect to
api.opensuse.org:443 without limitations:
ssh -L 9999:api.opensuse.org:443 ssh.reachable.host
Then edit your /etc/hosts to have a line like the following - this is
important because 1. the ssl certificate needs to be accepted by osc
(hostname must be the same as in the certificate) and 2. the api-webserver
needs to be called by it's real name (to choose the right vhost). Also
remember to revert this step if you would like to connect to api.opensuse.org
the normal way (without the ssh tunnel) again:
127.0.0.1 localhost api.opensuse.org
After that, edit your ~/.oscrc like this:
apisrv = api.opensuse.org:9999
[api.opensuse.org:9999]
user = yourusername
pass = yourpassword
Then osc should work even in your 'buggy' network :-)
Have a lot of fun...
--
David Mayr, http://davey.de
openSUSE LINUX, http://opensuse.de
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx
| < Previous | Next > |