Re: [SLUG] ssh style vpn?

From: Austin Theen (austin@austintheen.com)
Date: Fri Feb 06 2004 - 16:47:11 EST


On Fri, 2004-02-06 at 14:52, Ian Blenke wrote:
> Austin Theen wrote:
> > Any ssh fiends know if it's possible to use SSH to connect to computers
> > behind a firewall? Here's the scenario:
> >
> > Internet <-> Linksys FW <-> Linux SSHD
> >                         <-> VNC Server
> >
> > The Linksys router has port 22 open to the Linux box, and I'm trying to
> > see how ssh can be used to allow me to access the VNC clients through
> > the firewall without opening port 5900.
> >
> > From the man page it says I can forward ports and something about -g
> > allowing remote hosts to connect to local forwarded ports.
> >
> > Is this possible? Or do I have to do a VPN?
>
> This is simple SSH port redirection. You can either forward local
> connections to a remote machine (-L), or remote connections to a local
> machine (-R), i.e.:
>
> localhost$ ssh -L 5900:vncserver:5900 linksys
>
> This tells your ssh client on your machine on the Internet somewhere to
> listen locally to port 5900, and when something connects - tell the
> remote sshd to connect to "vncserver" on port 5900.
>
> If you have an Xvnc session running on your Linux box, you can use
> "localhost" instead of the "vncserver".
>
> SSH port redirection is an incredibly useful thing to master.

This may very nearly work.

I need to have ssh establish a tunnel over the Internet from my home
workstation to this remote server, allowing me to connect to hosts
behind a firewall on the remote server's network.

When I try to connect using ssh -L 5900:remote:5900 localhost it binds
my port 5900 to the remote server's 5900 (which isn't running vnc,
doesn't even have X installed).

There is this -G switch in ssh that says it allows connections from
other hosts to use the SSH tunnel, but I am unclear if this switch will
allow traffic to be destined for another host on the far side of a
tunnel.

-- 
Austin Theen, Freelance Network Engineer      High Gear Solutions
Linux  | Windows  | Mac OS/X  | Networks  | Internet  | Databases 
Office (941) 492-6111        368 Briarwood Road, Venice, FL 34293
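
Added illustration, not part of the original thread: a small Python model of how OpenSSH interprets `-L [bind_address:]port:host:hostport`, showing which machine listens, which machine dials the target, and when `-g` exposes the listener to other hosts. The function name and returned field names are hypothetical, and the sample command lines are constructed from those quoted above.

```python
# Added example: models OpenSSH -L semantics as documented in ssh(1).
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

def describe_local_forward(spec, ssh_server, gateway_ports=False):
    """Explain `ssh -L [bind_address:]port:host:hostport ssh_server`.

    gateway_ports=True models the -g switch. Bracketed IPv6 literals
    are not handled here.
    """
    parts = spec.split(":")
    if len(parts) == 3:
        bind = None
        lport, host, hport = parts
    elif len(parts) == 4:
        bind, lport, host, hport = parts
    else:
        raise ValueError(f"expected [bind_address:]port:host:hostport, got {spec!r}")
    lport, hport = int(lport), int(hport)
    if not host or not all(0 < p < 65536 for p in (lport, hport)):
        raise ValueError(f"bad host or port in {spec!r}")

    # The listener is opened by the ssh client on the machine you run ssh on.
    if bind is None:
        listen = "*" if gateway_ports else "loopback"
    elif bind in ("", "*"):
        listen = "*"
    elif bind in LOOPBACK:
        listen = "loopback"
    else:
        listen = bind

    return {
        "listen": (listen, lport),
        "exposed_to_other_hosts": listen != "loopback",
        # The destination name is resolved and dialed by the sshd host,
        # so "localhost" there means the sshd host itself.
        "dialed_from": ssh_server,
        "dial_target": (ssh_server if host in LOOPBACK else host, hport),
        # If the ssh server is the client machine, nothing crosses the firewall.
        "tunnel_stays_on_client": ssh_server in LOOPBACK,
    }

if __name__ == "__main__":
    # Constructed cases based on the command lines quoted in the thread.
    for spec, server, g in [("5900:vncserver:5900", "linksys", False),
                            ("5900:remote:5900", "localhost", False),
                            ("5900:vncserver:5900", "linksys", True)]:
        print(spec, server, "-g" if g else "", describe_local_forward(spec, server, g))
```

Without `-g` or an explicit bind address the listener stays on loopback, so only the workstation itself can use the tunnel; a viewer pointed at local port 5900 then reaches the VNC host through the sshd box.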
