The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]

 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 ssh tunnels
Author: jim 
Date:   17-06-04 13:42

the ssh commahd you need is something like:

ssh -fNL 5999:cvs.example.cam:5999 user@box.example.com

That connect to box.example.com, and forward your local
port 5559 to box.example.com, and thence to cvs.example.com,
port 5999.

This will help you in two situations:

1) You have a shell account at example, but their cvs
server is firewalled. As long as box.example.com is
on the cvs server's subnet, then this forward will
let you point cvsup at localhost for the loot.

2) You are *inside* a firewall, and can't get out except
for ssh. Then, the same forward will let you tunnel 5999
through 22 on the firewall, to the remote host.

The same technique can be used to, for example, tunnel irc:

ssh -fNL 6667:irc.prison.net:6667 user@host
irssi -c localhost

But, what's *really* cool is reverse ssh tunnels.

on your box: ssh -fNR 2048:localhost:22 user@box1
on box1 : ssh -fgNR 2048:localhost:2048 user@box2

Now, anyone who ssh's to port 2048 on box2, will be tunneled
through non-priveledged ports on box2 -> box1, and thence to
22 on your box. You can use this to get ssh access in (indeed,
any access - irc server on your desktop at work? no problem ;)
through even the most severe firewall.


enjoy.

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 


 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org