Done, thanks Jakub! On Tue, Oct 22, 2019 at 3:52 AM Jakub Jelen <jjelen@xxxxxxxxxx> wrote: > On Mon, 2019-10-21 at 15:01 -0400, Paul Frields wrote: > > I think I got all the changes done, Jakub -- feel free to take a > > look. This > > article is scheduled to go out on Wednesday at 0800 UTC time. > > Thank you for the update. > Now, I have only one minor note about the added GatewayPorts > configuration. It correctly addresses the use case where others people > from example.com need to access the forwarded port, but it does not > modify the remote port forwarding specification, which still uses > "localhost" by default. For the connection to be accessible also from > other hosts, you need to specify it as "-R *:6000:localhost:5000", "-R > 0.0.0.0:6000:localhost:5000" or "-R > remove.example.com:6000:localhost:5000" (examples differ slightly > whether also loopback is bound or not, but all should work -- I would > recommend the star notation as it is shortest). > > Regards, > Jakub > > > On Mon, Oct 21, 2019 at 11:52 AM Jakub Jelen <jjelen@xxxxxxxxxx> > > wrote: > > > > > On Mon, 2019-10-21 at 10:31 -0400, Paul Frields wrote: > > > > On Mon, Oct 21, 2019 at 9:13 AM Jakub Jelen <jjelen@xxxxxxxxxx> > > > > wrote: > > > > > > > > > On Mon, 2019-10-21 at 08:36 -0400, Paul Frields wrote: > > > > > > Jakub, you can still find it here: > > > > > > https://fedoramagazine.org/?p=29503&preview=1&_ppp=7cd9f47a93 > > > > > > > > > > Thank you for the link. > > > > > Generally very nice article. But I have just a few comments: > > > > > > > > > > * There is an error in the first command or it does not match > > > > > description: > > > > > > > > > > $ ssh -L 8000:localhost:8000 remote.example.com > > > > > > > > > > should say > > > > > > > > > > $ ssh -L 80:localhost:8000 remote.example.com > > > > > > > > > > (note, that you will probably have to run it as a root to be > > > > > able > > > > > to > > > > > bind port 80 here -- I think using the local 8000 port would be > > > > > more > > > > > appropriate) > > > > > > > > > > > > > This is actually a mistake in the following paragraph, which > > > > should > > > > have > > > > pointed the browser at port 8000. Also, I found another mistake > > > > just > > > > now > > > > which is that I referenced https:// in a preceding paragraph > > > > implying > > > > port > > > > 443, and that could be confusing compared to the example. I'll > > > > fix > > > > the > > > > narrative so it's all consistent. > > > > > > I missed that S as I was too focused on the port numbers. > > > > > > > > * The Remote port forwarding can be restricted on the server > > > > > with > > > > > PermitOpen and GatewayPorts (binds only-loopback by default) > > > > > configuration options. Mentioning them might save a lot of > > > > > googling > > > > > and > > > > > trouble for readers who would like to try these things. > > > > > > > > > > > > > Good point -- I'll include that. > > > > > > > > > > > > > * I also miss the emphasis on the security in some places. You > > > > > mention > > > > > it, but I think in both of the cases (http, mysql), it is good > > > > > to > > > > > mention that they are (mysql usually) plaintext protocols and > > > > > sending > > > > > them (as it is) over internet is almost never a good idea. > > > > > > > > > > > > > A lot of people run mysql as a local-only service, so I didn't > > > > want > > > > the > > > > article to get too esoteric. > > > > > > > > * I miss the -D dynamic port forwarding, which can solve very > > > > similar > > > > > problems as the local port forwarding, more effectively. But I > > > > > understand that it might come as a separate article since it > > > > > has on > > > > > itself more to say. > > > > > > > > > > > > > Indeed -- the point of this article was to keep things simple. > > > > But I > > > > definitely like the idea of an article on dynamic port forwarding > > > > as > > > > a > > > > followup. I'll look into that! > > > > > > > > > > > > > Otherwise it is very nice read with simple explanations I would > > > > > like > > > > > people to read and I will be happy to point to. > > > > > > > > > > > > > This is good to hear Jakub -- thank you for the thorough and > > > > helpful > > > > review. Once I make changes above, could I ask you to re-review > > > > to > > > > make > > > > sure I don't introduce any "regressions"? > > > > > > Sure. Just let me know when the changes are ready. > > > > > > Jakub > > > > > > > Paul > > > > > > > > > > > > > > On Mon, Oct 21, 2019 at 8:24 AM Jakub Jelen < > > > > > > jjelen@xxxxxxxxxx> > > > > > > wrote: > > > > > > > > > > > > > On Mon, 2019-10-21 at 07:57 -0400, Paul Frields wrote: > > > > > > > > We track our accepted articles through a kanban here: > > > > > > > > > > > > https://teams.fedoraproject.org/project/asamalik-fedora-magazine/kanban > > > > > > > > This story is here along with a link for the article: > > > > > > > > > > > > > > https://teams.fedoraproject.org/project/asamalik-fedora-magazine/us/81 > > > > > > > > Although it does occur to me, have you edited for us > > > > > > > > previously? > > > > > > > > Let > > > > > > > > us > > > > > > > > know if you have any issues reaching the article. > > > > > > > > > > > > > > I already have access to the wp-admin interface, since I > > > > > > > already > > > > > > > wrote > > > > > > > one ssh article, but I do not seem to have access to this > > > > > > > unpublished > > > > > > > article. > > > > > > > > > > > > > > If that is too complicated to let me in, lets drop it and > > > > > > > leave > > > > > > > on > > > > > > > on > > > > > > > the official reviewers. I will not have time to work/review > > > > > > > on > > > > > > > more > > > > > > > articles, but I was interested in this particular one as it > > > > > > > is > > > > > > > my > > > > > > > domain. > > > > > > > > > > > > > > Regards, > > > > > > > Jakub > > > > > > > > > > > > > > > Paul > > > > > > > > > > > > > > > > On Mon, Oct 21, 2019 at 2:59 AM Jakub Jelen < > > > > > > > > jjelen@xxxxxxxxxx> > > > > > > > > wrote: > > > > > > > > > > > > > > > > > On Sun, 2019-10-20 at 19:50 -0400, Paul Frields wrote: > > > > > > > > > > I finished my SSH port forwarding article. Would > > > > > > > > > > someone > > > > > > > > > > like > > > > > > > > > > to > > > > > > > > > > review it > > > > > > > > > > for its Wednesday slot? > > > > > > > > > > > > > > > > > > I think I can do that, at least from the technical > > > > > > > > > point of > > > > > > > > > view. > > > > > > > > > Can > > > > > > > > > you share a link or some place I can do that? I saw the > > > > > > > > > article > > > > > > > > > already > > > > > > > > > scheduled, but I did not find a way to open it. > > > > > > > > > > > > > > > > > > Regards, > > > > > > > > > -- > > > > > > > > > Jakub Jelen > > > > > > > > > Senior Software Engineer > > > > > > > > > Security Technologies > > > > > > > > > Red Hat, Inc. > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > Jakub Jelen > > > > > > > Senior Software Engineer > > > > > > > Security Technologies > > > > > > > Red Hat, Inc. > > > > > > > > > > > > > > > > > > > -- > > > > > Jakub Jelen > > > > > Senior Software Engineer > > > > > Security Technologies > > > > > Red Hat, Inc. > > > > > > > > > > > > > -- > > > Jakub Jelen > > > Senior Software Engineer > > > Security Technologies > > > Red Hat, Inc. > > > > > > > -- > Jakub Jelen > Senior Software Engineer > Security Technologies > Red Hat, Inc. > > _______________________________________________ Fedora Magazine mailing list -- magazine@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to magazine-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/magazine@xxxxxxxxxxxxxxxxxxxxxxx
