* cygwin port forwarding @ 2012-06-23 16:29 Ross Boylan 2012-06-23 17:43 ` René Berber ` (2 more replies) 0 siblings, 3 replies; 8+ messages in thread From: Ross Boylan @ 2012-06-23 16:29 UTC (permalink / raw) To: cygwin; +Cc: ross Can non-cygwin applications "see" the ports ssh in cygwin sets up for forwarding? I did some tests on Windows 7 and found that, although the forwarding was clearly in effect for commands I ran in the cygwin shell, it did not seem to be accessible to the regular Windows version of Thunderbird. The local port I forwarded was not privileged. I used no Windows admin privileges. Thanks for any info. Ross Boylan -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: cygwin port forwarding 2012-06-23 16:29 cygwin port forwarding Ross Boylan @ 2012-06-23 17:43 ` René Berber 2012-06-24 0:20 ` Andrey Repin 2012-06-29 1:08 ` cygwin port forwarding [working] Ross Boylan 2 siblings, 0 replies; 8+ messages in thread From: René Berber @ 2012-06-23 17:43 UTC (permalink / raw) To: cygwin On 6/23/2012 11:29 AM, Ross Boylan wrote: > Can non-cygwin applications "see" the ports ssh in cygwin sets up for > forwarding? I did some tests on Windows 7 and found that, although the > forwarding was clearly in effect for commands I ran in the cygwin shell, > it did not seem to be accessible to the regular Windows version of > Thunderbird. Yes. I use a tunnel from home to work, and by use I mean Firefox to open pages/applications I don't want to expose to the Internet. It should be the same with Thunderbird, of course the port changes, but you connect to localhost:143 (IMAP), localhost:25 (SMTP), or whatever. If you can connect with telnet to those ports, then TBird shouldn't have a problem. -- René Berber -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: cygwin port forwarding 2012-06-23 16:29 cygwin port forwarding Ross Boylan 2012-06-23 17:43 ` René Berber @ 2012-06-24 0:20 ` Andrey Repin 2012-06-24 2:26 ` Karl M 2012-06-24 18:33 ` Ross Boylan 2012-06-29 1:08 ` cygwin port forwarding [working] Ross Boylan 2 siblings, 2 replies; 8+ messages in thread From: Andrey Repin @ 2012-06-24 0:20 UTC (permalink / raw) To: Ross Boylan, cygwin Greetings, Ross Boylan! > Can non-cygwin applications "see" the ports ssh in cygwin sets up for > forwarding? I did some tests on Windows 7 and found that, although the > forwarding was clearly in effect for commands I ran in the cygwin shell, > it did not seem to be accessible to the regular Windows version of > Thunderbird. > The local port I forwarded was not privileged. I used no Windows admin > privileges. netstat -aon Curious, what "tests" you did instead of getting the data straight from OS? And what exactly you've tried to do? If you're looking for proxy through SSH tunnel, you'd be better off with PuTTY -D 1080 and IE using SOCKS proxy. -- WBR, Andrey Repin (anrdaemon@freemail.ru) 24.06.2012, <04:05> Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 8+ messages in thread
* RE: cygwin port forwarding 2012-06-24 0:20 ` Andrey Repin @ 2012-06-24 2:26 ` Karl M 2012-06-24 18:33 ` Ross Boylan 1 sibling, 0 replies; 8+ messages in thread From: Karl M @ 2012-06-24 2:26 UTC (permalink / raw) To: cygwin > Date: Sun, 24 Jun 2012 04:07:57 +0400 > From: anrdaemon > To: ross; cygwin > Subject: Re: cygwin port forwarding > > Greetings, Ross Boylan! > > > Can non-cygwin applications "see" the ports ssh in cygwin sets up for > > forwarding? I did some tests on Windows 7 and found that, although the > > forwarding was clearly in effect for commands I ran in the cygwin shell, > > it did not seem to be accessible to the regular Windows version of > > Thunderbird. > > > The local port I forwarded was not privileged. I used no Windows admin > > privileges. > > netstat -aon > > Curious, what "tests" you did instead of getting the data straight from OS? > And what exactly you've tried to do? If you're looking for proxy through SSH > tunnel, you'd be better off with PuTTY -D 1080 and IE using SOCKS proxy. > Or you can use use the -D option for ssh (OpenSSH). ...Karl -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: cygwin port forwarding 2012-06-24 0:20 ` Andrey Repin 2012-06-24 2:26 ` Karl M @ 2012-06-24 18:33 ` Ross Boylan 2012-06-24 21:42 ` René Berber 1 sibling, 1 reply; 8+ messages in thread From: Ross Boylan @ 2012-06-24 18:33 UTC (permalink / raw) To: Andrey Repin; +Cc: ross On Sun, 2012-06-24 at 04:07 +0400, Andrey Repin wrote: > Greetings, Ross Boylan! > > > Can non-cygwin applications "see" the ports ssh in cygwin sets up for > > forwarding? I did some tests on Windows 7 and found that, although the > > forwarding was clearly in effect for commands I ran in the cygwin shell, > > it did not seem to be accessible to the regular Windows version of > > Thunderbird. > > > The local port I forwarded was not privileged. I used no Windows admin > > privileges. > > netstat -aon > > Curious, what "tests" you did instead of getting the data straight from OS? > And what exactly you've tried to do? If you're looking for proxy through SSH > tunnel, you'd be better off with PuTTY -D 1080 and IE using SOCKS proxy. > I ran netstat, I think in a non-cygwin terminal, and didn't see the ports listed (though I remember doing netstat-an, which seems like Unix options not windows). For thunderbird, I pointed it at localhost and the forwarded port, and was unable to connect. One reason I asked is that I have only middling confidence I know what t-bird is actually doing. On the other hand, inside a cygwin terminal I was able to use openssl to connect via the same port on localhost. The target port is secure IMAP, 993. I'm using ssh in addition to SSL because the tunnel must be though ssh and the server is only serving SSL. The underlying motivation is that we suspect the links used by the regular connection are not reliable. Ross -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: cygwin port forwarding 2012-06-24 18:33 ` Ross Boylan @ 2012-06-24 21:42 ` René Berber 2012-06-25 9:50 ` Andrey Repin 0 siblings, 1 reply; 8+ messages in thread From: René Berber @ 2012-06-24 21:42 UTC (permalink / raw) To: cygwin On 6/24/2012 1:33 PM, Ross Boylan wrote: > I ran netstat, I think in a non-cygwin terminal, and didn't see the > ports listed Then there is no tunnel. You probably used the wrong command instead of 'ssh -fNL ...' > For thunderbird, I pointed it at localhost and > the forwarded port, and was unable to connect. One reason I asked is > that I have only middling confidence I know what t-bird is actually > doing. TBird will have one minor problem: the server certificate. Since you are connecting to localhost and the server has its own name in the certificate (if configured correctly), then you will be shown the warning panel, and you will have to 'accept' to continue using that server. > On the other hand, inside a cygwin terminal I was able to use openssl to > connect via the same port on localhost. Meaning? Did you use "openssl s_client ..." or you mean something else. That test if for sending main, not reading, which seems to be what you wanted to do. > The target port is secure IMAP, 993. As long as TBird is configured (Server settings) with the correct port, and "Security Settings" (SSL/TLS), there is no problem, it works. There are 2 separate configurations in TBird, one for reading, one for sending (at the bottom of the "Account Settings" window: "Outgoing Server"). -- René Berber -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: cygwin port forwarding 2012-06-24 21:42 ` René Berber @ 2012-06-25 9:50 ` Andrey Repin 0 siblings, 0 replies; 8+ messages in thread From: Andrey Repin @ 2012-06-25 9:50 UTC (permalink / raw) To: René Berber, cygwin Greetings, René Berber! >> I ran netstat, I think in a non-cygwin terminal, and didn't see the >> ports listed > Then there is no tunnel. ^^^^^^^^^^^^^^^^^^^^^^^^^^ This. > You probably used the wrong command instead of 'ssh -fNL ...' >> For thunderbird, I pointed it at localhost and >> the forwarded port, and was unable to connect. One reason I asked is >> that I have only middling confidence I know what t-bird is actually >> doing. > TBird will have one minor problem: the server certificate. > Since you are connecting to localhost and the server has its own name in > the certificate (if configured correctly), then you will be shown the > warning panel, and you will have to 'accept' to continue using that server. >> On the other hand, inside a cygwin terminal I was able to use openssl to >> connect via the same port on localhost. > Meaning? > Did you use "openssl s_client ..." or you mean something else. That > test if for sending main, not reading, which seems to be what you wanted > to do. openssl "s_client" command is for general TLS functionality check. You can use it to connect to any TLS-enables service. You can think about it as if it is telnet for TLS. >> The target port is secure IMAP, 993. > As long as TBird is configured (Server settings) with the correct port, > and "Security Settings" (SSL/TLS), there is no problem, it works. > There are 2 separate configurations in TBird, one for reading, one for > sending (at the bottom of the "Account Settings" window: "Outgoing Server"). -- WBR, Andrey Repin (anrdaemon@freemail.ru) 25.06.2012, <13:34> Sorry for my terrible english... ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: cygwin port forwarding [working] 2012-06-23 16:29 cygwin port forwarding Ross Boylan 2012-06-23 17:43 ` René Berber 2012-06-24 0:20 ` Andrey Repin @ 2012-06-29 1:08 ` Ross Boylan 2 siblings, 0 replies; 8+ messages in thread From: Ross Boylan @ 2012-06-29 1:08 UTC (permalink / raw) To: cygwin I have some updates and successes. First, I do see the forwarded ports with netstat -aon in a windows command prompt: TCP [::1]:2525 [::]:0 LISTENING 388 TCP [::1]:9933 [::]:0 LISTENING 388 I may have missed them because I didn't look at the ::1 addresses or because the destination host and port is oddly blank. From within a cygwin terminal I did openssl s_client -connect localhost:9933 which showed me the certificate of the mail server I was trying to reach. Finally, when I switched thunderbird to use localhost at port 9933 (with connection security set to SSL/TLS) it did make contact. As René indicated, T-bird complained about the certificate (which has also expired). Then I ran into what seems like a T-bird bug: every time I hit "accept certificate" it brought the same dialogue asking for confirmation up. Eventually I closed it by hitting the red x on the window (though it took a couple of tries). It seems to be working. Even if it's not, it seems clear the port forwarding is working. I'm not sure why it didn't work the first time. Thanks to René, Andrey, and Karl for their help. Ross -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2012-06-29 1:08 UTC | newest] Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2012-06-23 16:29 cygwin port forwarding Ross Boylan 2012-06-23 17:43 ` René Berber 2012-06-24 0:20 ` Andrey Repin 2012-06-24 2:26 ` Karl M 2012-06-24 18:33 ` Ross Boylan 2012-06-24 21:42 ` René Berber 2012-06-25 9:50 ` Andrey Repin 2012-06-29 1:08 ` cygwin port forwarding [working] Ross Boylan
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).