Ssh

gatewayports
Make an SSH tunnel publicly accessible.

Warning: if you set GatewayPorts to yes, sshd will bind your forwardings to any interface, regardless of the client configuration (-R, etc.). This can become quite a security issue if the client assumes it has limited its forwardings to, e.g., localhost. Therefore, setting GatewayPorts to clientspecified is usually what you want.
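One way to check which of these settings a server file actually carries, as an added example that is not part of the original page: a shell function that reports the global GatewayPorts value, honoring OpenSSH's rule that the first value read for a keyword wins, and flags a yes inside any Match block. The function name and sample config are constructed for illustration; Include directives are not followed, so sshd -T remains the authoritative view of a running server.

```shell
#!/bin/sh
# Added example: audit GatewayPorts in an sshd_config-style file.
# sshd keeps the FIRST value it reads for a keyword, so a later global
# "GatewayPorts yes" is ignored; lines after "Match" apply only to that block.
gatewayports_audit() {   # $1 = path to config file (hypothetical helper name)
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            split(line, f, /[ \t=]+/)            # "Key value" or "Key=value"
            key = tolower(f[1]); val = tolower(f[2])
            if (key == "match") { in_match = 1; next }
            if (key != "gatewayports") next
            if (in_match) { if (val == "yes") match_yes = 1 }
            else if (global == "") global = val
        }
        END {
            if (global == "") global = "no"      # OpenSSH default
            if (global == "yes")  print "FAIL global=yes"
            else if (match_yes)   print "WARN global=" global " match=yes"
            else                  print "OK global=" global
        }
    ' "$1"
}

# Constructed sample config: safe global value, one Match block re-opening it.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not a real server config
GatewayPorts clientspecified
GatewayPorts yes
Match User tunnel
    GatewayPorts yes
EOF
gatewayports_audit "$sample"    # prints: WARN global=clientspecified match=yes
rm -f "$sample"
```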

Here's my answer for completion:

I ended up using ssh -R ... for tunneling, and using socat on top of that for redirecting network traffic to 127.0.0.1:

tunnel bound to 127.0.0.1:
 * ssh -R mitm:9999::8084 me@mitm

socat:
 * mitm$ socat TCP-LISTEN:9090,fork TCP:127.0.0.1:9999

Another option is to do a local-only tunnel on top of that, but I find this much slower:
 * mitm$ ssh -L:9090:localhost:9999 localhost
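A relay like the socat one above re-exposes a loopback-bound forwarding without touching sshd_config, so a config audit alone will not see it. The following added example (not part of the original answer) filters ss -Htlnp output for listeners held by sshd or socat on non-loopback addresses; the function names, the sample lines and the assumption that sshd's own service port is 22 are all constructed for illustration.

```shell
#!/bin/sh
# Added example: list TCP listeners owned by sshd or socat that are reachable
# from other hosts. Input is `ss -Htlnp` output (run as root on a live host so
# process names are shown): field 4 = local addr:port, last field = process.
exposed_forwards() {   # $1 = sshd service port, expected to be public (assumed 22)
    awk -v svc="${1:-22}" '
        {
            proc = ""
            if (match($0, /\(\("[^"]+"/))          # first owner, e.g. (("sshd"
                proc = substr($0, RSTART + 3, RLENGTH - 4)
            if (proc != "sshd" && proc != "socat") next
            n = split($4, p, ":"); port = p[n]     # port follows the last colon
            addr = substr($4, 1, length($4) - length(port) - 1)
            if (addr ~ /^127\./ || addr == "[::1]") next    # loopback only
            if (proc == "sshd" && port == svc) next         # the daemon itself
            print proc, addr, port
        }'
}

# Constructed sample of `ss -Htlnp` output (not captured from a real host).
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128   0.0.0.0:22    0.0.0.0:* users:(("sshd",pid=801,fd=3))
LISTEN 0 128      [::]:22       [::]:* users:(("sshd",pid=801,fd=4))
LISTEN 0 128 127.0.0.1:9999  0.0.0.0:* users:(("sshd",pid=4102,fd=9))
LISTEN 0 5     0.0.0.0:9090  0.0.0.0:* users:(("socat",pid=4150,fd=5))
LISTEN 0 128   0.0.0.0:8022  0.0.0.0:* users:(("sshd",pid=4301,fd=9))
LISTEN 0 511   0.0.0.0:80    0.0.0.0:* users:(("nginx",pid=900,fd=6))
EOF
}

sample_ss_output | exposed_forwards 22
```

In the sample, the 9999 forwarding stays on loopback and is not reported, while the socat relay on 9090 and the sshd forwarding on 8022 are.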

ssh keys
Create a private/public key pair: https://medium.com/risan/upgrade-your-ssh-key-to-ed25519-c6e8d60d3c54

 * ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com"

Only a quantum mechanics type source of indeterminacy (not randomness, which doesn't exist) enables a seed with enough entropy (nobody knows what this word means). Your computer's random number generator isn't connected to a Geiger counter measuring radioactive decay (source of quantum indeterminacy), hence no entropy. All those garbled numbers in your private and public keys only seem garbled, they are actually an easily cracked pattern. If you do use a Geiger counter, the minix operating system on which all OSes install will flag you as a high value target back to CIA headquarters. In this numberphile video, the mathematician was unable to define what randomness is because it doesn't exist. He flails around, using analogous reasoning, but of course you can't solve a problem you can't even define, which is why, for example, https://en.wikipedia.org/wiki/Theory_of_Evolution redirects to https://en.wikipedia.org/wiki/Evolution: there is no such thing as a theory of evolution because nobody knows what the Lagrangian is that maps polypeptide space into frog space. If pigs had wheels mounted on ball bearings instead of trotters, on what scale of porcine fitness would they be?

"https://en.wikipedia.org/wiki/Evolution...Evolution is change in the heritable characteristics of biological populations over successive generations..."

If Wikipedia had written: Evolution is change in the heritable characteristics of biological populations over successive generations as the Lagrangian maps the quantum entangled DNA super computed calculations from polypeptide dinosaur space into chicken space... then at least the statement would enter the domain of Popper falsifiability, though it would not escape Agrippian circularity.

SSH connection
{{{

We have a gateway node with 2mb 1:1, this node (gateway1) seems to be acting up! The ssh commands are very slow at times, sometimes never connecting (this via a public address). If I try running a leechtest, the node reports slow speeds at times.

If I ssh via another gateway (gateway2) and connect to a repeater node between the two gateways and run a leechtest I get full speed (yes the repeater is fixed/locked to gateway1) gateway2 is only strong enough to ssh by, and not provide BW.

Gateway node 1 is a LW box Via mini atx etc, temp is always under 20c so I don't think the fans are packing up, and this slowness can happen even when there is very little usage.

===================== web browser via ssh

ssh -L 81:192.168.1.254:80 1.2.3.4

Which will allow you to access the web server of 192.168.1.254 via an ssh tunnel to 1.2.3.4 (which can presumably access 192.168.1.254 directly). You access the server by pointing your browser to http://127.0.0.1:81

================== WEBBROWSER VIA SSH

OK, this is what I need to do. I'm testing wtr54gs, and would like to have remote access to them via the mesh box. I have two mesh networks over 80 square miles. I can vpn to the main gateway nodes and access clients off the back of the GW's, but I can not VPN to the host mapped addresses of the repeater nodes from either host mapped LAN address or WAN address; the host mapped addresses work fine for ssh.

==========

vpn directly to a wireless node won't work past the gateway unless you use the qorvus code, because the standard locustworld code blocks gre 47 pptp traffic past the gateway. But you shouldn't need hostmap if you just remotely vpn into the gateway and then surf to the 1. address for the wireless nodes, or maybe I don't understand what you're trying to do?

====================== WEB BROWSER VIA SSH

Great Tim, that works for local connections but I can not get it to work over host mapped routes.

ANSW: vpn is the way to do this. Set up your gateway to act as vpn host, then you can surf to the 1.1.1.1 addresses behind the gateway. This is how we manage our qorvus boxes remotely.

==========

Ques: This may work fine with a linux desktop but wouldn't work with a windows machine running putty, no socket between the browser and the putty session

Answ: However, since everyone (presumably) has access to a meshbox, you could set the tunnel up on your local meshbox, and then connect to the relevant port on your local meshbox which will forward it through to the remote meshbox. You can run tunnels within tunnels if you need to.

=
}}}

SSH

 * http://16s.us/OpenBSD/acls.txt  ssh secure shell from home to work computer
 * http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1 command descriptions
 * http://16s.us/OpenBSD/
 * http://www.thegeekstuff.com/2010/12/50-unix-linux-sysadmin-tutorials/

ssh
http://www.revsys.com/writings/quicktips/ssh-tunnel.html

http://www.amazon.com/gp/product/0596008953?ie=UTF8&tag=revosystblog-20&linkCode=as2&camp=1789&creative=390957&creativeASIN=0596008953

links
MeshNetworking main page documenting the locustworld.com mesh networking technology.

Ftp