Multiple "channels" on forwarded port (with a ssh-reverse-tunnel behind)
Ajay Garg
ajaygargnsit at gmail.com
Wed Apr 12 07:08:19 UTC 2017
Hi All.
Let's say, we have a server-block like
########################################################################
server {
listen 2001 ssl;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
location / {
auth_basic 'Restricted';
auth_basic_user_file /home/
20da689b45c84f2b80bc84d651ed573f/.htpasswd;
if ($remote_user = "
20da689b45c84f2b80bc84d651ed573f") {
proxy_pass
https://127.0.0.1:2000;
}
}
}
########################################################################
and when a user opens the browser window. she authenticates, and is
appropriately forwarded to port 2000 on the server.
This port (2000) is in a LISTENING state on the server, created via a
ssh-reverse-tunnel, through the command
sshpass -p password ssh -N -R 0.0.0.0:2000:192.168.1.1:443
user at 1.2.3.4
from the remote-machine.
Things work fine if only one user is forwarded to port 2000.
However, I observe that if a second user logs into the server and provides
the same auth-credentials, a 502-Bad-Gateway error is observed 99% of the
times.
Is this expected?
Does the forwarding over a ssh-reverse-tunnelled-port work reliably only if
one user is forwarded to the port?
I am sorry if I am posting to the wrong list, not sure if this is a
question related to nginx or ssh-reverse-tunnelling in general.
Will be great to hear thoughts/experiences from the experts.
Thanks and Regards,
Ajay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170412/69f37daa/attachment.html>
More information about the nginx
mailing list