rsnt_translations
57,772
edits
SSH tunnelling: Difference between revisions
Jump to navigation
Jump to search
no edit summary
No edit summary |
No edit summary |
||
| Line 52: | Line 52: | ||
Certain commercially-licensed programs must connect to a license server machine | Certain commercially-licensed programs must connect to a license server machine | ||
somewhere on the Internet via a predetermined port. If the compute node where | somewhere on the Internet via a predetermined port. If the compute node where | ||
the program is running has no access to the Internet, then a | the program is running has no access to the Internet, then a <i>gateway server</i> | ||
which does have access must be used to forward communications on that port, | which does have access must be used to forward communications on that port, | ||
from the compute node to the license server. To enable this, one must set up | from the compute node to the license server. To enable this, one must set up | ||
an | an <i>SSH tunnel</i>. Such an arrangement is also called <i>port forwarding</i>. | ||
<!--T:10--> | <!--T:10--> | ||
| Line 97: | Line 97: | ||
A further command to add to the job script should tell the software | A further command to add to the job script should tell the software | ||
that the license server is on port COMPUTEPORT on the server | that the license server is on port COMPUTEPORT on the server | ||
<i>localhost</i>. The term <i>localhost</i> is the standard name by which a computer refers to itself. It is to be taken literally and should not be replaced with your computer's name. Exactly how to inform your software to use this port on <i>localhost</i> will | |||
depend on the specific application and the type of license server, | depend on the specific application and the type of license server, | ||
but often it is simply a matter of setting an environment variable in | but often it is simply a matter of setting an environment variable in | ||
| Line 148: | Line 148: | ||
<!--T:34--> | <!--T:34--> | ||
On your computer, open a new terminal window and run the following sshuttle command to create the tunnel. | On your computer, open a new terminal window and run the following <code>sshuttle</code> command to create the tunnel. | ||
<!--T:35--> | <!--T:35--> | ||
| Line 182: | Line 182: | ||
<!--T:43--> | <!--T:43--> | ||
This command forwards connections to | This command forwards connections to <b>local port<b/> 8888 to port 8888 on cdr544.int.cedar.computecanada.ca, the <b>remote port</b>. | ||
The local port number, the first one, does not | The local port number, the first one, does not <i>need</i> to match the remote port number, the second one, but it is conventional and reduces confusion. | ||
<!--T:44--> | <!--T:44--> | ||
| Line 204: | Line 204: | ||
<!--T:48--> | <!--T:48--> | ||
These commands connect port number PORT on your local host to PostgreSQL or MySQL database servers respectively. The port number you choose (PORT) should not be bigger than 32768 (2^15). In this example, | These commands connect port number PORT on your local host to PostgreSQL or MySQL database servers respectively. The port number you choose (PORT) should not be bigger than 32768 (2^15). In this example, <i>someuser</i> is your account username. The difference between this connection and an ordinary SSH connection is that you can now use another terminal to connect to the database server directly from your desktop. On your desktop, run one of these commands for PostgreSQL or MySQL as appropriate: | ||
<!--T:49--> | <!--T:49--> | ||
| Line 213: | Line 213: | ||
<!--T:50--> | <!--T:50--> | ||
MySQL requires a password; it is stored in your | MySQL requires a password; it is stored in your <i>.my.cnf</i> located in your home directory on Cedar. | ||
The database connection will remain open as long as the SSH connection remains open. | The database connection will remain open as long as the SSH connection remains open. | ||
</translate> | </translate> | ||