Message from @Goz3rr

Discord ID: 528560577409318912


2018-12-29 13:01:21 UTC  

@timsandtoms just get evaluation version from their site

2018-12-29 13:02:52 UTC  

@porco you mean reverse proxying ?

2018-12-29 13:03:23 UTC  

yes I could solve the http thing with an nginx reverse proxy, but I'd like to do it with all services, specifically ssh, ftp, http, https

2018-12-29 13:03:34 UTC  

Squid ?

2018-12-29 13:03:44 UTC  

you can't exactly do it in the way you describe i think

2018-12-29 13:03:54 UTC  

if you open say, a ssh connection, i don't think it sends the hostname used

2018-12-29 13:03:56 UTC  

unlike http

2018-12-29 13:03:57 UTC  

but amazon does it on AWS

2018-12-29 13:04:05 UTC  

yeah but they probably do it on a DNS level then

2018-12-29 13:04:16 UTC  

on amazon, you can ssh using the hostname, but not using the IP, because other containers have the same IP

2018-12-29 13:04:19 UTC  

right that could be

2018-12-29 13:05:04 UTC  

so instead, the better way would probably be to let ssh run on a different port on every vm, and then just use ssh forwarding

2018-12-29 13:05:30 UTC  

ssh host:2201 => vm 1
ssh host:2202 => vm 2 etc etc

2018-12-29 13:05:36 UTC  

@Tervy Can I permanently activate that and use group policy?

2018-12-29 13:06:03 UTC  

maybe look at SRV records?

2018-12-29 13:06:39 UTC  

Let me look that up

2018-12-29 13:06:54 UTC  

@timsandtoms not 100% sure so i won't give you a "yes" answer to that

2018-12-29 13:08:30 UTC  

No worries. I'm just trying to avoid that hour long trawl through the MDL forums that I always end up doing, I'll suck it up and stop being lazy.

2018-12-29 13:10:43 UTC  

@Goz3rr from what I understand, for using a srv record, the service would need to be discoverable already

2018-12-29 13:10:58 UTC  

which isn't if my IP is internal

2018-12-29 13:11:01 UTC  

I never used AWS so I'm not familiar with what they do, but on azure they just open up different ports

2018-12-29 13:11:04 UTC  

reading what AWS does now

2018-12-29 13:11:06 UTC  

I can't set 10.10.10.1 as a target

2018-12-29 13:11:16 UTC  

but it looks like they use a ssh server on the host as a proxy

2018-12-29 13:11:19 UTC  

oh I tried to find that out, too

2018-12-29 13:13:36 UTC  

you can uh

2018-12-29 13:13:41 UTC  

set up one ssh server as a gateway

2018-12-29 13:13:47 UTC  

that redirects based on key

2018-12-29 13:13:54 UTC  

because the protocol doesn't actually send the hostname

2018-12-29 13:14:05 UTC  

the key thing is a good idea though

2018-12-29 13:14:36 UTC  

the first paragraph here

2018-12-29 13:15:08 UTC  

that looks like what I want to do

2018-12-29 13:15:12 UTC  

I'll try that out

2018-12-29 13:15:35 UTC  

if it works I can make a nice script to deploy the keys and it's good to go

2018-12-29 13:16:02 UTC  

then there is always the overkill "traefik" setup

2018-12-29 13:16:33 UTC  

yes but that's also just http

2018-12-29 13:16:48 UTC  

alternatively most ssh clients support jumphosts

2018-12-29 13:16:59 UTC  

so you ssh in to your host, and then it runs the ssh command to ssh into the instance you want

2018-12-29 13:17:12 UTC  

jumphosts are what I am using now but I spend a few hours / week explaining to people how to use jumphosts

2018-12-29 13:17:14 UTC  

really ? i always thought traefik can do almost anything on packets you want