felix at compsoc.nuigalway.ie
Wed Jul 21 13:40:50 IST 2004
Quoting "Jon." <spartic at sdf.lonestar.org>:
> There is a machine behind a firewall, this user has asked me to connect to
> this machine however its stuck behind a firewall. This user can however
> ssh out to a machine i use on the internet. Is it possible to setup that
> he ssh at myhost and from that i can somehow tunnel back to his machine thats
> behind the firewall through the ssh session that he has started??
Sounds like your looking for remote port forwarding over SSH.
he connects using
ssh username at myhost -R 3022:hishost:22
then you can connect to his machine over the tunnel using
ssh username at localhost -p 3022
I assume that should work fine provided you have your own login. But remember
it means that anyone connecting to port 3022 your server will be redirected
down the tunnel to the machine behind the firewall, including people connecting
from other servers, so you might want to put some rules to prevent connections
that do not come from the localhost. Not sure if you can limit which users have
access to the port or not, but that might be another thing you should consider.
When you doing something to bypass a firewall you want to make sure that your
not leaving anything open
"Nothing's foolproof to a sufficently talented fool"
More information about the ILUG