Author: jim
Date: 17-06-04 13:42
the ssh commahd you need is something like:
ssh -fNL 5999:cvs.example.cam:5999 user@box.example.com
That connect to box.example.com, and forward your local
port 5559 to box.example.com, and thence to cvs.example.com,
port 5999.
This will help you in two situations:
1) You have a shell account at example, but their cvs
server is firewalled. As long as box.example.com is
on the cvs server's subnet, then this forward will
let you point cvsup at localhost for the loot.
2) You are *inside* a firewall, and can't get out except
for ssh. Then, the same forward will let you tunnel 5999
through 22 on the firewall, to the remote host.
The same technique can be used to, for example, tunnel irc:
ssh -fNL 6667:irc.prison.net:6667 user@host
irssi -c localhost
But, what's *really* cool is reverse ssh tunnels.
on your box: ssh -fNR 2048:localhost:22 user@box1
on box1 : ssh -fgNR 2048:localhost:2048 user@box2
Now, anyone who ssh's to port 2048 on box2, will be tunneled
through non-priveledged ports on box2 -> box1, and thence to
22 on your box. You can use this to get ssh access in (indeed,
any access - irc server on your desktop at work? no problem ;)
through even the most severe firewall.
enjoy.
|
|