From 31baf5fbefdadfa4fe561b5b9b211f5beb4cecf6 Mon Sep 17 00:00:00 2001 From: "Alex Ellis (OpenFaaS Ltd)" Date: Thu, 8 Feb 2024 10:59:08 +0000 Subject: [PATCH] Remove proxy proto Signed-off-by: Alex Ellis (OpenFaaS Ltd) --- ...-02-05-access-all-your-ssh-servers-with-sshmux.md | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/blog/_posts/2024-02-05-access-all-your-ssh-servers-with-sshmux.md b/blog/_posts/2024-02-05-access-all-your-ssh-servers-with-sshmux.md index 13f4584..6292454 100644 --- a/blog/_posts/2024-02-05-access-all-your-ssh-servers-with-sshmux.md +++ b/blog/_posts/2024-02-05-access-all-your-ssh-servers-with-sshmux.md @@ -57,11 +57,7 @@ inletsctl create \ Fill in the other fields as prompted such as your access token. You can see the full [reference for inletsctl here](https://docs.inlets.dev/reference/inletsctl/). -DigitalOcean will email you an initial root password. Use it to log in and edit the `/etc/systemd/system/inlets-pro.service` file. - -Add `--proxy-protocol="v2"` to the `ExecStart` line as an additional argument. - -Then restart the server with `sudo systemctl daemon-reload && sudo systemctl restart inlets-pro`. +DigitalOcean will email you an initial root password, which is handy if you need to log in to debug things or make any edits. Next create a config.yaml file on a computer in your private network. You can think of this machine as being like a jumpbox, or a bastion host. The `sshmux server` will run here in order to forward connections to your other servers. @@ -144,12 +140,6 @@ ssh -L 8080:127.0.0.1:8080 octoprint.inlets Then access it via `http://127.0.0.1:8080` in your web browser. -## Do you need to use this TCP tunnel server for other things? - -If you also want to use the same TCP tunnel server for other things in addition to SSH like the kubectl API server, then make sure they support and are configured to expect PROXY protocol v2. - -If not, you can either run two separate TCP tunnel servers, or turn off PROXY protocol on both the tunnel server by adding `--proxy-protocol=""` to the `inlets-pro tcp server` command and on sshmux server by adding `--disable-proxy-proto` to `inlets-pro sshmux server`. - ## Wrapping up In a very short period of time, a prototype written over the FOSDEM weekend has made it into the inlets-pro product. It's not the only way to connect to various machines with your local network, but it's a very simple and effective way to do it if you're already using inlets.