[Yum] Tunneling yum connections through ssh's SOCKS proxy.
Les Mikesell
lesmikesell at gmail.com
Fri Aug 14 13:45:14 UTC 2009
Daniel Fishman wrote:
> Hello everybody,
>
> My machine (A) is located on a lan behind a firewall, and the only way
> outside is ssh.
> I have another machine (B) outside the lan. B has ssh server, and I can
> ssh from A to B.
>
> In order to be able to perform software updates with yum I set up ssl
> tunnel from A to B
> using dynamic port forwarding, that is: I ssh from A to B, and ssh
> client on A serves
> as SOCKS proxy. In addition, SOCKS client wrapper is installed on A (I
> use dante's
> socksify).
>
> The mentioned SOCKS proxy works properly, for example I can use the web.
> But when I try to use yum (running 'socksify yum update', for example),
> it fails to ran
> properly. I see (using ssh's escape characters) that ssh forwards yum's
> connections,
> but yum tells that either network is unreachable or that connection
> timed out.
I'm not sure why yum wouldn't work over socks, but I usually do this with a
squid proxy on the open box and port-forward ftp/http proxy connections:
ssh -R3128:localhost:3128 firewalled_host (or reverse with -L if the connection
goes the other way).
...login
http_proxy=http://localhost:3128 ftp_proxy=http://localhost:3128 yum update
and you get whatever caching squid can manage for multiple runs, although
mirrorlists usually screw it up.
--
Les Mikesell
lesmikesell at gmail.com
More information about the Yum
mailing list