[Yum] Tunneling yum connections through ssh's SOCKS proxy.

Les Mikesell lesmikesell at gmail.com
Fri Aug 14 13:45:14 UTC 2009


Daniel Fishman wrote:
> Hello everybody,
> 
> My machine (A) is located on a lan behind a firewall, and the only way 
> outside is ssh.
> I have another machine (B) outside the lan. B has ssh server, and I can 
> ssh from A to B.
> 
> In order to be able to perform software updates with yum I set up ssl 
> tunnel from A to B
> using dynamic port forwarding, that is: I ssh from A to B, and ssh 
> client on A serves
> as SOCKS proxy. In addition, SOCKS client wrapper is installed on A (I 
> use dante's
> socksify).
> 
> The mentioned SOCKS proxy works properly, for example I can use the web.
> But when I try to use yum (running 'socksify yum update', for example), 
> it fails to ran
> properly. I see (using ssh's escape characters) that ssh forwards yum's 
> connections,
> but yum tells that either network is unreachable or that connection 
> timed out.

I'm not sure why yum wouldn't work over socks, but I usually do this with a 
squid proxy on the open box and port-forward ftp/http proxy connections:

ssh -R3128:localhost:3128 firewalled_host  (or reverse with -L if the connection 
  goes the other way).
...login
http_proxy=http://localhost:3128 ftp_proxy=http://localhost:3128 yum update
and you get whatever caching squid can manage for multiple runs, although 
mirrorlists usually screw it up.

-- 
   Les Mikesell
    lesmikesell at gmail.com







More information about the Yum mailing list