DarkMatter in Cyberspace

Meteor Development Collaboration

Meteor developer Tom and Bob are in different location. Tom is the main coder and Bob is the mentor. Their remote collaboration mode is:

  • Voice talk through Moxtra/QQ/Skype;

  • Code and browser sharing through a VPS on Internet;

VPS Configuration

The IP address of the VPS is 100.101.102.103. Add a user "nf" as the SSH forwarding user:

useradd -m nf
passwd nf

To allow remote port forwarding to bind to non-loopback addresses, add GatewayPorts yes into /etc/ssh/sshd_config (NOT ssh_config), then service ssh reload. Without this, the listening port on VPS is bind to "127.0.0.1" instead of "0.0.0.0". You can find out it with netstat -lnput|grep 3000, when the forwarding port is 3000.

Before adding GatewayPorts yes:

root@iZ25459xzbtZ:~# netstat -lnput|grep :3000
tcp        0      0 127.0.0.1:10022         0.0.0.0:*               LISTEN      24588/1

After adding GatewayPorts yes:

root@iZ25459xzbtZ:~# netstat -lnput|grep :3000
tcp        0      0 0.0.0.0:10022           0.0.0.0:*               LISTEN      24588/1

The 4th item (binding IP) is changed from loopback (127.0.0.1) to public interface (0.0.0.0).

Code editor sharing

Tom install tmux on his Linux OS. And start up a tmux session as the develop environment:

tmux new -s myWebsite

To make Bob ssh to his laptop, Tom need run the following command on his laptop:

ssh -g -R 10022:localhost:22 nf@100.101.102.103

where -g means "Allows remote hosts to connect to local forwarded ports", -R means a "Remote" port forwarding is created with this ssh connection (which means when this ssh connection closed, the port forwarding will be dropped, too). In "10022:localhost:22", the first part is the port number on remote host, the second and third is the hostname and port number of local machine.

So the whole command means: Tom ssh to server 100.101.102.103 as user nf, while creating a port forwarding. So all connect to 10022 on remote host, will be forwarded to Tom's laptop on port 22.

After login, the forwarding tunnel is created. On VPS, verify port 3000 is bind to public interface instead of loopback:

netstat -lnput|grep 3000

Bob need run the following command to join Tom:

ssh -p 10022 tom@100.101.102.103
tmux attch -t myWebsite

Notice that the user name is "tom" instead of "nf" in above command. And the password is tom's on his laptop, instead of nf's on the VPS.

So if Bob want to review Tom's codes, he should:

  1. Get a VPS with a public IP "100.101.102.103", create a user (say, nf);

  2. On the VPS, copy Tom's SSH public key into /home/nf/.ssh/authorized_keys.

  3. Let Tom run ssh -g -R 10022:localhost:22 nf@100.101.102.103;

  4. SSH to Tom's host with ssh -p 10022 tom@100.101.102.103; and start a tmux session: tmux new -s foo;

  5. Let Tom attach to the session: tmux attach -t foo;

  6. After job is done, let Tom logout from the VPS;

Web serer sharing

Tom run this command to create the tunnel:

ssh -g -R 3000:localhost:3000 nf@100.101.102.103

Bob can visit the web server with url "100.101.102.103:3000".

Ref:

http://serverfault.com/questions/379344/selecting-interface-for-ssh-port-forwarding

https://juliansimioni.com/blog/howto-access-a-linux-machine-behind-a-home-router-with-ssh-tunnels/

Published

Last Updated

Category

Tech

Tags

Contact