Showing posts with label ssh. Show all posts
Showing posts with label ssh. Show all posts

Saturday, January 18, 2025

Slow SSHFS transfer speeds under OSX

If you’ve noticed that SSHFS transfers are much slower (several times slower) than SCP on macOS, you're not alone. This issue seems to be tied to how macFUSE and SSHFS interact, particularly around I/O block size. A detailed discussion about the root cause of this problem can be found in a GitHub issue thread.

The good news is that in the tread it is also proposed a fix: increase the I/O block size. By setting it to 1MB (-o iosize=1048576), I was able to significantly speed up transfers with just a small 10% overhead.

I applied this change by adding it to my ~/.zshrc (or ~/.bashrc):

     alias sshfs='sshfs -o iosize=1048576'

It's a quick win if you rely on SSHFS for remote file systems!

Posted by No comments:
Labels: ,

Monday, March 20, 2023

Running HTTPS and SSH over the same port with SSLH

Do you need to access your network services from remote locations but are blocked by firewalls or other
access restrictions? You might want to try SSLH, a powerful open-source tool that enables you to run multiple network services over a single port. This allows you to bypass firewalls and access your network services from anywhere. Here will show you how to use SSLH to run both HTTPS and SSH on the same port, but SSLH also supports HTTP and OpenVPN. 

Installing SSLH
SSLH is available in most Linux distributions' package managers, so installation is straightforward. You can install SSLH using the following command:

$ sudo apt-get install sslh

Configuring SSLH
Once SSLH is installed, you need to configure it to run both HTTPS and SSH on the same port. The configuration file for SSLH is usually located at /etc/default/sslh. In the configuration below SSLH listens on all available network interfaces on port 443, and it proxies SSH to port 22 of localhost and HTTPS to port 2443 of localhost. 

DAEMON_OPTS="-u sslh -p 0.0.0.0:443 -s 127.0.0.1:22 -l 127.0.0.1:2443 -P /var/run/sslh.pid"
RUN=yes

Before restarting SSLH, make sure to configure your web server to listen to 2443 instead of 443. Then, restart SSLH with

$ /etc/init.d/sslh start

Testing SSLH
To test SSLH, you can try accessing both the HTTPS and SSH services through the SSLH port. For example, to access HTTPS, open a web browser and navigate to https://<your-server-address>:443. To access SSH, open a terminal and use the ssh command  ssh your-server-address -p 443



Posted by No comments:
Labels: , , , ,

Saturday, June 15, 2013

OSX: Start SSH socks proxy and change network settings from the command line

Everybody loves to travel. I also enjoy to experience the internet from other places, but this I can do without leaving my house. All I need is a remote unix computer which I can access by SSH.

The script below sets up SSH dynamic port forwarding and changes the network proxy settings all by itself. When communication is cut, with Ctrl-D, it goes back to the usual proxy configuration (no proxy). Tested on OSX 10.6.8.


#!/bin/bash
#title           :socksProxySSH.sh
#description     :initiates SSH dynamic port forwarding and sets up 
#                 the network proxy settings for you
#author          :Gabriele Facciolo (http://linuxtoosx.blogspot.com/)
#date            :20130615
#version         :1.0
#OSX version     :Tested on OSX 10.6.8  
#usage           :socksProxySSH.sh [remoteHost [localPort (default:1080)]]

DEFAULTSSHHOST=""
DEFAULTLOCALSOCKSPORT=1080

# DEAL WITH COMMAND LINE PARAMETERS
if [ "${1}" != "" ]
then
   SSHHOST=$1
else
   SSHHOST=$DEFAULTSSHHOST
fi
if [ "${2}" != "" ]
then
   LOCALSOCKSPORT=$2
else
   LOCALSOCKSPORT=$DEFAULTLOCALSOCKSPORT
fi
# SORRY NO SSHHOST
if [ "${SSHHOST}" == "" ]
then 
   echo "${0}: initiates SSH dynamic port forwarding and "
   echo "sets up the network proxy settings for you."
   echo ""
   echo "    Usage:   ${0} [remoteHost [localPort(default:1080)]]"
   echo ""
   echo "Indicate a remoteHost, or set the DEFAULTSSHHOST variable" 
   exit 1
fi


# ENABLE SOCKS ON ACTIVE INTERFACES 
networksetup -listallnetworkservices | grep -v asterisk | while read line ; do 
t=`networksetup -getinfo "$line" | grep "IP address" | grep -v none`
if [ "$t" ]; then
   tt=`networksetup -getsocksfirewallproxy "$line" | grep -v Authenticated | grep "Enabled: No"` 
   if [ "$tt" ]; then
      echo Enabling SOCKS on $line
      networksetup -setsocksfirewallproxy "$line" localhost $LOCALSOCKSPORT
   fi
fi
done 


# OPEN CONNECTION AND INITIATE SOCKS SERVER
echo ""
echo "INITIATING SSH CONNECTION AND SOCKS SERVER..."
echo "========================================================="
echo "TO DISCONNECT FIRST HIT Ctrl-D, WAIT A SECOND THEN Ctrl-C"
echo "========================================================="
echo ""
ssh -C -D *:$LOCALSOCKSPORT $SSHHOST


# DISABLE SOCKS ON ACTIVE INTERFACES 
networksetup -listallnetworkservices | grep -v asterisk | while read line ; do 
t=`networksetup -getinfo "$line" | grep "IP address" | grep -v none`
if [ "$t" ]; then
   tt=`networksetup -getsocksfirewallproxy "$line" | grep -v Authenticated | grep "Enabled: Yes"` 
   if [ "$tt" ]; then
      echo Disabling SOCKS on $line
      networksetup -setsocksfirewallproxystate "$line" off
   fi
fi
done



Description of the key commands:
  • networksetup -listallnetworkservices
    Displays a list of all the network services on the server's hardware ports. An asterisk (*) denotes that a network service is disabled.
    Sample output:
             USB Ethernet
             AirPort
             Bluetooth DUN
  • networksetup -getinfo "Airport"
    Displays the IP address, subnet mask, router, and hardware address for the device that you specify.
  • networksetup -getsocksfirewallproxy Airport
    Displays SOCKS proxy (server, port, enabled value) info for the device.
    Sample output:
             Enabled: No
             Server: localhost
             Port: 1080
             Authenticated Proxy Enabled: 0
  • networksetup -setsocksfirewallproxy Airport localhost 1080
    Set and enable the SOCKS proxy server  localhost:1080.
  •  ssh -C -D *:1080 your.remote.host
    Launch ssh with dynamic port forwarding
  • networksetup -setsocksfirewallproxystate Airport off
    Disables SOCKS proxy.

Sources:
Posted by No comments:
Labels: , , , , ,
Subscribe to: Posts (Atom)