SUMMARY: Slightly off topic | Two-hops SSH tunnelling.



Thanks a mill to Graham Wood who hit the nail on the head.

On GOOFY I had to set "AllowTcpForwarding yes" in sshd_config.

Cheers

Loris



-----Original Message-----
From: Loris Serena
Sent: 24 May 2006 15:21
To: 'sunmanagers@xxxxxxxxxxxxxxx'
Subject: Slightly off topic | Two-hops SSH tunnelling.


Guys,

Sorry for the slightly off-topic post, but I couldn't get any working
suggestion from the secureshell mailing list.



I managed to get the following working:

--------------------------------------------------------------------
A firewall between SERVER and CLIENT only allows TCP port 22 from
SERVER to CLIENT (but not vice versa!)

SERVER -------22------> CLIENT

What I would like to achieve via ssh tunnelling is to send TCP port
1984 traffic from CLIENT to SERVER:

SERVER <-----1984------ CLIENT
--------------------------------------------------------------------

by running (on SERVER):
$ ssh -f -N -R 1984:SERVER:1984 CLIENT


Now I'd like to add the next (and last) bit of the configuration to the
picture:

There is another firewall between CLIENT and GOOFY, again only allowing TCP
port 22 from CLIENT to GOOFY (and NOT vice versa!):

SERVER -------22------> CLIENT -------22-------> GOOFY

What I would like to achieve via ssh tunnelling is to send TCP port 1984
traffic from GOOFY to SERVER (through CLIENT):

SERVER <-----1984----- CLIENT
SERVER <----------------(CLIENT)----------1984------ GOOFY

Please note that the remote forwarding of 1984 from CLIENT to SERVER is
already working.

On CLIENT, I ran `ssh -f -N -R 1984:127.0.0.1:1984 GOOFY`

but testing that with telnet from GOOFY, it failed as follows:

[GOOFY]$ telnet localhost 1984
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused


So, how do I do that?
Any security issues I should be aware of?


Thanks in advance


Loris





BT Communications Ireland Limited
is a wholly owned subsidiary of BT Group plc
Registered in Ireland, Registration No. 141524
Grand Canal Plaza, Upper Grand Canal Street, Dublin, Ireland

This electronic message contains information (and may contain files) from BT
Communications Ireland Limited which may be privileged or confidential. The
information is intended to be for the sole use of the individual(s) or
entity named above. If you are not the intended recipient be aware that any
disclosure, copying, distribution or use of the contents of this information
and or files is prohibited. If you have received this electronic message in
error, please notify us by telephone or email (to the numbers or address
above) immediately. http://www.btireland.ie
_______________________________________________
sunmanagers mailing list
sunmanagers@xxxxxxxxxxxxxxx
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
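
A check for the setting that fixed this, as an added example that is not part of the original thread: it reads an sshd_config the way sshd does (first value wins, global section only) and reports whether `ssh -R` forwards such as the one to GOOFY would be accepted. The function names and the sample file are constructed for illustration, and the "yes" default for an absent keyword is an assumption (it is the OpenSSH default; pass another default as the second argument if your sshd differs).

```shell
#!/bin/sh
# Added example: does this sshd_config let a client bind "ssh -R" ports?

# effective_forwarding FILE [DEFAULT]
# Prints the global AllowTcpForwarding value in FILE. sshd uses the first
# value it reads for a keyword, keywords are case-insensitive, and lines
# after a Match keyword apply only to matching connections, so scanning
# stops there. DEFAULT (assumed "yes") is printed when the keyword is absent.
effective_forwarding() {
    awk -v dflt="${2:-yes}" '
        { sub(/^[ \t]+/, "") }                  # drop leading whitespace
        /^#/ || /^$/ { next }                   # skip comments and blanks
        { gsub(/[ \t]*=[ \t]*/, " "); key = tolower($1) }  # allow key=value
        key == "match" { exit }                 # end of the global section
        key == "allowtcpforwarding" { val = tolower($2); exit }
        END { print (val == "" ? dflt : val) }
    ' "$1"
}

# permits_remote_forward FILE [DEFAULT]
# Returns 0 when the effective value lets sshd listen for -R forwards.
permits_remote_forward() {
    case "$(effective_forwarding "$@")" in
        yes|all|remote) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample: a "yes" appended below an earlier "no" has no effect.
sample=$(mktemp)
printf '%s\n' '# constructed sample, not a real host config' 'Port 22' \
    'allowtcpforwarding no' 'AllowTcpForwarding yes' > "$sample"
echo "effective AllowTcpForwarding: $(effective_forwarding "$sample")"
permits_remote_forward "$sample" || echo "ssh -R forwards will be refused"
rm -f "$sample"
```

On a host running OpenSSH, `sshd -T` prints the effective configuration directly and is the authoritative check.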


