7 Oct
2020
7 Oct
'20
11:32 p.m.
Since we are going off-topic all over the place, I will try to be the pillar
of stability here. (I know, I know, but nobody else will do it.) I am
starting a new thread, because this goes off-topic in a good way.
I believe it was Michael who wrote this memorable line, which immediately got
my attention:
POP through an always present SSH tunnel.
Now, I have used ssh tunnels for lots of programs that are more (what's the
word?) "passive"; that is, listening to online radio, xmpp clients, wget,
youtube-dl and apt-get and other things like that, where I am mostly
downloading data. But when I tried to run Kmail over any proxy connections,
it would crash. It seemed to me that an ssh tunnel would be the way, but how
to do it?
Bill
jabber/xmpp
dr_mojo_contendo(a)hot-chilli.net
8 Oct
8 Oct
6:07 a.m.
Anno domini 2020 Wed, 7 Oct 16:32:12 -0700
William Morder via tde-users scripsit:
Since we are going off-topic all over the place, I
will try to be the pillar
of stability here. (I know, I know, but nobody else will do it.) I am
starting a new thread, because this goes off-topic in a good way.
You earned yourself a cookie :)
I believe it was Michael who wrote this memorable
line, which immediately got
my attention:
POP is running on somewhereelse. You connet to somewhereelse through ssh:
ssh you@somewhereelse -L8110:localhost:110
Now somwherelse:110 (aka POP) is on your localhost:110 - ready for kmail to connext.
Please note, that the "localhost" is leative to somewhereelse, not your local
computer.
POP is running on a thepopserver, reachable from somewhereelse. You connet to
sumewhereelse through ssh and build a tunel that ends on thepopserver. note, thepopserver
only needs to be reachable from somewhereelse, not your local site:
ssh you@somewhereelse -L8110:thepopserver:110
Now thepopserver:110 (aka POP) is on your localhost:110 - ready for kmail to connext.
Or use sshuttle to tunnel all your traffic through somewhereelse.
Note: the local end (on your local computer) of the tunnel is established immediately, the
remote part (somewherelse) is established when something connects to the local end.
Nik
POP through an always present SSH tunnel.
Now, I have used ssh tunnels for lots of programs that are more (what's the
word?) "passive"; that is, listening to online radio, xmpp clients, wget,
youtube-dl and apt-get and other things like that, where I am mostly
downloading data. But when I tried to run Kmail over any proxy connections,
it would crash. It seemed to me that an ssh tunnel would be the way, but how
to do it?
Bill
jabber/xmpp
dr_mojo_contendo(a)hot-chilli.net
____________________________________________________
tde-users mailing list -- users(a)trinitydesktop.org
To unsubscribe send an email to users-leave(a)trinitydesktop.org
Web mail archive available at
https://mail.trinitydesktop.org/mailman3/hyperkitty/list/users@trinitydeskt…
--
Please do not email me anything that you are not comfortable also sharing with the NSA,
CIA ...
6:34 a.m.
On Wednesday 07 October 2020 23:07:55 Dr. Nikolaus Klepp wrote:
Just guessing, but I assume that the port number can be changed to, say,
995 -- right?
Also, does it work about the same with smtp?
Anno domini 2020 Wed, 7 Oct 16:32:12 -0700
William Morder via tde-users scripsit:
Yet no ice cream or milk to go with it. Also, I believe there was some mention
of apfelstrudel,* but my plate is still empty.
* apologies for missing umlaut
P.S. We call it apple strudel in these here parts.
Since we are going off-topic all over the place,
I will try to be the
pillar of stability here. (I know, I know, but nobody else will do it.) I
am starting a new thread, because this goes off-topic in a good way.
You earned yourself a cookie :) I believe it was Michael who wrote this memorable
line, which immediately
got
my attention:
POP is running on somewhereelse. You connet to somewhereelse through ssh:
ssh you@somewhereelse -L8110:localhost:110
Now somwherelse:110 (aka POP) is on your localhost:110 - ready for kmail to
connext. Please note, that the "localhost" is leative to somewhereelse, not
your local computer.
POP is running on a thepopserver, reachable from somewhereelse. You connet
to sumewhereelse through ssh and build a tunel that ends on thepopserver.
note, thepopserver only needs to be reachable from somewhereelse, not your
local site: ssh you@somewhereelse -L8110:thepopserver:110
Now thepopserver:110 (aka POP) is on your localhost:110 - ready for kmail
to connext.
POP through an always present SSH tunnel.
Now, I have used ssh tunnels for lots of programs that are more (what's
the word?) "passive"; that is, listening to online radio, xmpp clients,
wget, youtube-dl and apt-get and other things like that, where I am
mostly downloading data. But when I tried to run Kmail over any proxy
connections, it would crash. It seemed to me that an ssh tunnel would be
the way, but how to do it? Or use sshuttle to tunnel all your traffic through
somewhereelse.
Note: the local end (on your local computer) of the tunnel is established
immediately, the remote part (somewherelse) is established when something
connects to the local end.
Nik
Thanks, Nik!
This is why I like the TDE mailing list. Somebody else has probably already
tried out whatever I am just now imagining.
Bill
6:55 a.m.
Anno domini 2020 Wed, 7 Oct 23:34:34 -0700
William Morder via tde-users scripsit:
Just guessing, but I assume that the port number can be changed to, say,
995 -- right?
Yes, sure. And you can change the local portnumber from 8110 to anything else - it just
has to be > 1024 if you are not root. On a note: it's not advised to tunnel an
encrypted protocol through an encrypted tunnel, 'cause it might reduce security - but
that will most likely not impact this usecase.
Nik
--
Please do not email me anything that you are not comfortable also sharing with the NSA,
CIA ...
On Wednesday 07 October 2020 23:07:55 Dr. Nikolaus Klepp wrote:
sweet tooth :) Sorry, but I just ate the last chinnmon rolls ...
Anno domini 2020 Wed, 7 Oct 16:32:12 -0700
William Morder via tde-users scripsit:
Yet no ice cream or milk to go with it. Also, I believe there was some mention
of apfelstrudel,* but my plate is still empty.
* apologies for missing umlaut
P.S. We call it apple strudel in these here parts. Since we are going off-topic all over the place,
I will try to be the
pillar of stability here. (I know, I know, but nobody else will do it.) I
am starting a new thread, because this goes off-topic in a good way.
You earned yourself a cookie :) I believe it was Michael who wrote this memorable
line, which immediately
got
my attention:
POP is running on somewhereelse. You connet to somewhereelse through ssh:
ssh you@somewhereelse -L8110:localhost:110
Now somwherelse:110 (aka POP) is on your localhost:110 - ready for kmail to
connext. Please note, that the "localhost" is leative to somewhereelse, not
your local computer.
POP is running on a thepopserver, reachable from somewhereelse. You connet
to sumewhereelse through ssh and build a tunel that ends on thepopserver.
note, thepopserver only needs to be reachable from somewhereelse, not your
local site: ssh you@somewhereelse -L8110:thepopserver:110
Now thepopserver:110 (aka POP) is on your localhost:110 - ready for kmail
to connext.
POP through an always present SSH tunnel.
Now, I have used ssh tunnels for lots of programs that are more (what's
the word?) "passive"; that is, listening to online radio, xmpp clients,
wget, youtube-dl and apt-get and other things like that, where I am
mostly downloading data. But when I tried to run Kmail over any proxy
connections, it would crash. It seemed to me that an ssh tunnel would be
the way, but how to do it?
Also, does it work about the same with smtp?
Sure :)
ssh you@somewhereelse -L2525:somewherelse:25
Or use sshuttle to tunnel all your traffic
through somewhereelse.
Note: the local end (on your local computer) of the tunnel is established
immediately, the remote part (somewherelse) is established when something
connects to the local end.
Nik
Thanks, Nik!
This is why I like the TDE mailing list. Somebody else has probably already
tried out whatever I am just now imagining.
Bill
____________________________________________________
tde-users mailing list -- users(a)trinitydesktop.org
To unsubscribe send an email to users-leave(a)trinitydesktop.org
Web mail archive available at
https://mail.trinitydesktop.org/mailman3/hyperkitty/list/users@trinitydeskt…
2:21 p.m.
On Thursday 08 October 2020 01:55:36 am Dr. Nikolaus Klepp wrote:
Anno domini 2020 Wed, 7 Oct 23:34:34 -0700
William Morder via tde-users scripsit:
> On Wednesday 07 October 2020 23:07:55 Dr. Nikolaus Klepp wrote:
> > Anno domini 2020 Wed, 7 Oct 16:32:12 -0700
> >
> > William Morder via tde-users scripsit:
> > > I believe it was Michael who wrote this memorable line, which
> > > immediately got
> > >
> > > my attention:
> > > > POP through an always present SSH tunnel.
> > >
> > > that an ssh tunnel would be the way, but how to do it?
No offense Nik, your somewhereelse anthology left me a bit confused, attached
is a filtered bash script I use to maintain the SSH tunnel. In my use case,
I’m always connected to the server anyway, so adding the tunnel just made
sense.
My KMail setup is (change whatever you need to for your specific mail setup):
Menu >> Settings >> Configure, Accounts
Receiving, Add, Account Type: POP3
Tab: General
Login: Mail account name
Password: Mail account password
Host: 127.0.0.1
Port: 58110
Yes: Store POP password
{the rest whatever you normally do}
Tab: Extras
Encryption: None
Authentication Method: Clear text
{You can check what the server does, in my case it’s going through the tunnel
on a box I own, so I leave it simple}
{pipelining: I’ve never enabled it, the warning is enough for me...}
Sending, Add, Transport: SMTP
Tab: General
Host: 127.0.0.1
Port: 58025
Yes: Server requires authentication
Login: Mail account name
Password: Mail account password
Yes: Store SMTP password
Tab: Security
Encryption: TLS
Authentication Method: LOGIN
# # #
Hopefully that helps!
Best,
Michael
5:03 p.m.
On Thursday 08 October 2020 07:21:59 Michael via tde-users wrote:
On Thursday 08 October 2020 01:55:36 am Dr. Nikolaus
Klepp wrote:
Thanks, Michael!
It's all grist for the mill. From these hints, together with a little reading
and study of the matter, together with what I've already done, I can probably
figure out the rest.
I did notice that Nik mentioned using an ssh tunnel for *all* system traffic,
and I like that idea, too. It sounds kinda like Tails, or its Devuan version,
Heads; I tried out both, but wanted to stick with my own Devuan system, so
that may show the way for me there.
Besides, certain sites won't function adequately for me over a proxy, no
matter what, when I need to pay bills or buy something, etc., so it's good to
be able to switch from a proxy to a direct connection now and then.
Bill
Anno domini 2020 Wed, 7 Oct 23:34:34 -0700
William Morder via tde-users scripsit:
> On Wednesday 07 October 2020 23:07:55 Dr. Nikolaus Klepp wrote:
> > Anno domini 2020 Wed, 7 Oct 16:32:12 -0700
> >
> > William Morder via tde-users scripsit:
> > > I believe it was Michael who wrote this memorable line, which
> > > immediately got
> > >
> > > my attention:
> > > > POP through an always present SSH tunnel.
> > >
> > > that an ssh tunnel would be the way, but how to do it?
No offense Nik, your somewhereelse anthology left me a bit confused,
attached is a filtered bash script I use to maintain the SSH tunnel. In my
use case, I’m always connected to the server anyway, so adding the tunnel
just made sense.
My KMail setup is (change whatever you need to for your specific mail
setup):
Menu >> Settings >> Configure, Accounts
Receiving, Add, Account Type: POP3
Tab: General
Login: Mail account name
Password: Mail account password
Host: 127.0.0.1
Port: 58110
Yes: Store POP password
{the rest whatever you normally do}
Tab: Extras
Encryption: None
Authentication Method: Clear text
{You can check what the server does, in my case it’s going through the
tunnel on a box I own, so I leave it simple}
{pipelining: I’ve never enabled it, the warning is enough for me...}
Sending, Add, Transport: SMTP
Tab: General
Host: 127.0.0.1
Port: 58025
Yes: Server requires authentication
Login: Mail account name
Password: Mail account password
Yes: Store SMTP password
Tab: Security
Encryption: TLS
Authentication Method: LOGIN
# # #
Hopefully that helps!
Best,
Michael
7:15 p.m.
On Thursday 08 October 2020 12:03:02 pm William Morder via tde-users wrote:
It's all grist for the mill. From these hints,
together with a little
reading and study of the matter, together with what I've already done, I
can probably figure out the rest.
I did notice that Nik mentioned using an ssh tunnel for *all* system
traffic, and I like that idea, too. It sounds kinda like Tails, or its
Devuan version, Heads; I tried out both, but wanted to stick with my own
Devuan system, so that may show the way for me there.
An ssh tunnel for *all* system traffic is just a VPN. Buy a cheap VPS
(<$25US/yr) which becomes your 'VPN provider.' Then follow published guides
to setup you local proxy and/or network interface to route through the SSH
tunnel to your VPS.
It’s pretty easy.
To make it a bit easier (and harder at the same time?) setup a LEAF* box on a
Pi (or that other $35 dollar computer on a board) to provide DHCP and then
you computer doesn’t even know it’s being re-routed. This is the easiest way
to do ‘whole house’ VPN type stuff.
Best,
Michael
*
http://leaf.sourceforge.net/
^ Not the only software that’ll do this...
7:52 p.m.
Anno domini 2020 Thu, 8 Oct 14:15:02 -0500
Michael via tde-users scripsit:
On Thursday 08 October 2020 12:03:02 pm William Morder
via tde-users wrote:
You can use "sshuttle" for this.
Nik
It's all grist for the mill. From these
hints, together with a little
reading and study of the matter, together with what I've already done, I
can probably figure out the rest.
I did notice that Nik mentioned using an ssh tunnel for *all* system
traffic, and I like that idea, too. It sounds kinda like Tails, or its
Devuan version, Heads; I tried out both, but wanted to stick with my own
Devuan system, so that may show the way for me there.
An ssh tunnel for *all* system traffic is just a VPN. Buy a cheap VPS
(<$25US/yr) which becomes your 'VPN provider.' Then follow published guides
to setup you local proxy and/or network interface to route through the SSH
tunnel to your VPS.
It’s pretty easy.
To make it a bit easier (and harder at the same time?) setup a LEAF* box on a
Pi (or that other $35 dollar computer on a board) to provide DHCP and then
you computer doesn’t even know it’s being re-routed. This is the easiest way
to do ‘whole house’ VPN type stuff.
Best,
Michael
*
http://leaf.sourceforge.net/
^ Not the only software that’ll do this...
____________________________________________________
tde-users mailing list -- users(a)trinitydesktop.org
To unsubscribe send an email to users-leave(a)trinitydesktop.org
Web mail archive available at
https://mail.trinitydesktop.org/mailman3/hyperkitty/list/users@trinitydeskt…
--
Please do not email me anything that you are not comfortable also sharing with the NSA,
CIA ...
1536
days inactive
1537
days old
7 comments
3 participants
participants (3)
-
Dr. Nikolaus Klepp -
Michael -
William Morder