Host turris
Hostname 192.168.1.1
User root
Port 22
LocalForward 127.0.0.1:8000 127.0.0.1:80
ssh turris
But when I now enter http://127.0.0.1:8000/ into my web browser, I get the following message: The connection to the server was reset while the page was loading.
And in the terminal appears: channel 2: open failed: connect failed: connection denied
Try clearing browser cache or start with new profile, generally I use different profiles for different things.
I have also same setup and works fine for me.
I use SSH to tunnel connection (not only to the omnia bust also to other systems) since quite some time… It works without problems. But I use a virtual Debian (via lxc on the omnia) which is the SSH-tunnel endpoint.
You have to enable port-forwarding in the SSH-daemon. The actual tuinnel-configuration ist done in the SSH-client. And you have to configure a proxy in your browser.
Hi, I wish this would help me. Please consider me as a complete newbie
In the ~ /.ssh/config file I use to connect to my Omnia, I added the following line as described in the mentioned guide: LocalForward 127.0.0.1:8000 127.0.0.1:80
I guess you have just broken the lighttpd configuration and it does not start.
What do you get when you run pidof lighttpd || echo -e 'lighttpd not running'?
root@staging-gw-prg:~# pidof lighttpd || echo -e 'lighttpd not running'
26423
root@staging-gw-prg:~# service lighttpd stop
root@staging-gw-prg:~# pidof lighttpd || echo -e 'lighttpd not running'
lighttpd not running
root@staging-gw-prg:~#
You can even try to run lighttpd -f /etc/lighttpd/lighttpd.conf -tt to check the configuration for errors.
Anyway, I think the best approach is to add a rule to the firewall blocking the access to the webserver port(s). The loopback access won’t be affected.
root@turris:~# service lighttpd restart
root@turris:~# service lighttpd status
running
root@turris:~# pidof lighttpd || echo -e 'lighttpd not running'
10270
Good.
Next step is to verify the SSH tunnel works.
On your computer run ssh root@192.168.1.1 -L:8000:127.0.0.1:80 and try to access the http://localhost:8000. If it works for you now, you can block the access to the router management panel with firewall rule.
It will get renamed back to 40-ssl-enable.conf (or created) with every update so it is useless to move/delete/rename it. Do not fiddle with it, it bites back.