availability: January 2017
In our virtual test lab, we have only one official internal IP and we use NAT for our virtual Machines. As described in "using apache as a reverse proxy to access tomcat in virtual-machines" , it is easy to setup an http proxy to have access to the web services on the virtual machines as well. But developers need more then http access, they want to ssh into their virtual machine.
Vmware standard solution is to map the ssh ports behind the NAT to ports on the Vmware Server machine using the NAT.conf in /etc/vmware/vmnet8/nat/nat.conf . While this works, for each machine you need to remap this nat file and also have to restart vmware to reread this file. Here we propose another solution using apache as proxy for SSH access.
Our setup look like this: developers have putty, winscp and want to connect to the Virtual Machine1 and 2
Developers ----> Vmware Server ----> Virtual Machine 1 Putty, Winsp Apache SSHD (ip-vm1) with ----> Virtual Machine 2 Mod_Proxy SSHD (ip-vm2) (ip-server)To setup apache as reverse proxy you need to have mod_ssl installed.
# yum install mod_sslCreate a file ssh-proxy.conf in /etc/httpd/conf.d/
<virtualhost *:443> ServerAdmin webmaster@localhostActivate the proxy_module and proxy_connect module in your /etc/httpd/httpd.conf
ProxyRequests On ProxyVia On
#Add ports you want to be able to connect to through your proxy here AllowCONNECT 22
DocumentRoot /var/www/html <Directory /> Options FollowSymLinks AllowOverride None </Directory> ErrorLog /var/log/httpd/proxy-error.log TransferLog /var/log/httpd/proxy-transfer.log
# Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel notice
LoadModule proxy_balancer_module modules/mod_proxy.so LoadModule proxy_connect_module modules/mod_proxy_connect.soNow you can restart your apache and it should be running now
# apachectl restartTo use it with putty: (as described in http://the.earth.li/~sgtatham/putty/0.60/htmldoc/Chapter4.html#config-proxy