Firefox extensions for Amazon Web Services

Wednesday, 08. 12. 2009  –  Category: vague

These two Firefox extensions are soothing the pain between the CLI and the AJAX-with-treacle web interface:

There’s bound to be something that draws together all the foregin keys – AMI, volume, instance, reservation etc – but I’ve yet to find that. Been putting off writing it for a while…

iLO port forwards

Wednesday, 08. 5. 2009  –  Category: stash

(woah, neglected blog)

HPaq’s iLO is a strange beast, its functionality seems split between the SSH CLI and the web interface. Depending on your particular mission, some goals are only achievable using the whole ActiveX / Java remote console in IE. Sigh.

To get this flying from virtualised VMware, here’s the full SSH mutter to forward the ports via an access host. I’m always forgetting it, thus this post.

sudo ssh -g -L 80:${IP}:80 -L 3389:${IP}:3389 -L 443:${IP}:443 -L 17988:${IP}:17988 -L 17990:${IP}:17990 -L 23:${IP}:23 access005.example.com

IP is the iLO’s address. -g allows the port forwards to be reachable via other LAN hosts (eg: the VMware guest).  The sudo sorts the forwards for those super-privileged < 1024 ports.

Yes, that really is port 23 – telnet.

OpenSSH’s SOCKS forwarding

Sunday, 01. 18. 2009  –  Category: stash, web

It’s always great to discover a feature in a tool you use everyday. Someone pointed out to me that, in addition to local and remote port forwarding, OpenSSH also offers what it calls dynamic application-level port forwarding. Put more simply, OpenSSH can act as a local SOCKS proxy punting the traffic out the remote end of the connection:

ssh -Dlocalhost:1080 -C host.example.com

You can now aim your browser’s SOCKS settting at localhost:1080. Bonus points for using a locally-hosted PAC file to determine which traffic is routed via the proxy:
function FindProxyForURL(url, host) {
  if (shExpMatch(host, "*.example.com"))
    return "SOCKS 127.0.0.1:1080"
  else
    return "DIRECT";
}

For getting sight of servers behind a firewall without remote proxies and continual browser fiddling this is ideal. Thanks Murb!