4

I am trying to set up an SSH tunnel but I am new to this process. This is my setup:

Machine B has a web service with restricted access. Machine A has been granted access to Machine B's service, based on a firewall IP whitelist.

I can connect to Machine A using an ssh connection. After that I try to access the webservice on Machine B from my localhost, but I cannot.

The webservice endpoint looks like this: service.test.organization.com:443/org/v1/sendData

So far, I have created an ssh tunnel like this: ssh -L 1234:service.test.organization.com:443 [email protected]

My understanding was that using this approach, I could hit localhost:1234 and it would be forwarded to service.test.organization.com:443, through Machine B.

I have confirmed that from Machine B, I can execute a curl command to send a message to the webservice, and I get a response (so that is working). I have tried using Postman in my browser, and curl in a terminal from localhost, but I have been unsuccessful. (curl -X POST -d @test.xml localhost:1234/org/v1/sendData)

Error message: curl: (52) Empty reply from server

There's a lot of material on SSH and I am sifting through it, but if anyone has any pointers, I would really appreciate it!

2
  • 2
    Have you checked that port forwarding is enabled in sshd_config? By default it isn't usually. Commented Jul 2, 2015 at 19:06
  • I found that the request is making it to the destination but no response is coming back because the request originated from localhost, which violates the firewall whitelist rule. How can I make it so the HTTP request header says it's from Machine B? Commented Jul 6, 2015 at 13:57

2 Answers

4

Try adding the Host HTTP header: curl -H "Host: service.test.organization.com" -X POST -d @test.xml http://localhost:1234/org/v1/sendData


1

The networking issue was caused by the request format. My request object was built with a destination of 'localhost:1234'. So even though it was reaching the proper machine, the machine ignored it.

To solve this I added a record in my hosts file, like this: 127.0.0.1 service.test.organization.com

Then I was able to send the message. First I opened the tunnel, ssh -L 443:service.test.organization.com:443 [email protected], then using this curl command: curl -X POST -d @test.xml service.test.organization.com:443/org/v1/sendData

The hosts file causes the address to resolve to localhost, then the ssh tunnel knows to forward it on.
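The effect both answers rely on, as an added example that is not part of the original posts: an SSH local forward only relays bytes, so the client still builds its Host header from the URL it was given. The vhost server below is a constructed plain-HTTP stand-in for the far end of the tunnel (no SSH or TLS involved), and the 404 for an unknown name is an assumption about how the real service rejects such requests.

```python
import threading
from http.client import HTTPConnection
from http.server import BaseHTTPRequestHandler, HTTPServer

SERVICE = "service.test.organization.com"  # hostname from the question

class VhostHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for the service at the far end of the tunnel."""

    def do_POST(self):
        self.rfile.read(int(self.headers.get("Content-Length", 0)))
        # Name-based routing: only requests addressed to SERVICE are served.
        name = self.headers.get("Host", "").split(":")[0]
        status = 200 if name == SERVICE else 404  # 404 is an assumption
        body = name.encode()  # echo the name the server saw
        self.send_response(status)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass

def send(port, host_header=None):
    """POST to 127.0.0.1:port, like a client aimed at the local tunnel end."""
    headers = {"Content-Type": "application/xml"}
    if host_header:
        headers["Host"] = host_header  # same effect as curl -H "Host: ..."
    conn = HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("POST", "/org/v1/sendData", body=b"<test/>", headers=headers)
    resp = conn.getresponse()
    result = (resp.status, resp.read().decode())
    conn.close()
    return result

def demo():
    """Return (result without Host override, result with Host override)."""
    server = HTTPServer(("127.0.0.1", 0), VhostHandler)  # any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    port = server.server_port
    try:
        return send(port), send(port, SERVICE)
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print(demo())
```

The first request is rejected because the server sees the loopback address as the requested name; the second succeeds because the Host header carries the real service name, which is also what the hosts-file entry achieves by letting the client use the real name in the URL.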
