SSH proxy

From: andy@sambolian.net.nz
Date: 02/20/02


Date: Wed, 20 Feb 2002 13:20:31 +1300
From: andy@sambolian.net.nz
To: freebsd-security@freebsd.org

Hi

I have a fbsd gateway at home through which I share our cable modem with my
flatmates. They have their own boxes on the lan and ssh to them from work. At
the moment we log into the gateway and from there ssh to the box we want. I
have made a shell script to automate this, and have set it as the default shell
for our accounts on the gateway. It all works well but I would like to know if
there is a better way and also if there is a security risk with the way I have
done it now. Here is the script....

<!-- snip -->

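#!/bin/sh
# Login shell for the gateway accounts: ask for a user and host, then ssh there.
echo
echo ---------------------------------------
echo ------------ SSH Proxy ----------------
echo ---------------------------------------
echo

SSH=/usr/bin/ssh
DEFAULTUSER=`whoami`
# Host this account connected to last time, if any
DEFAULTHOST=`cat ~/.sshproxyhost 2> /dev/null`

# Prompts are quoted so the [..] is not treated as a glob pattern
echo -n "Enter username [${DEFAULTUSER}]:"
read USERNAME

echo -n "Enter host [${DEFAULTHOST}]:"
read HOSTNAME

# Fall back to the defaults when nothing was typed.
# The expansions are quoted so input containing spaces does not break the test.
if [ -z "${USERNAME}" ]; then
        USERNAME=${DEFAULTUSER}
fi

if [ -z "${HOSTNAME}" ]; then
        HOSTNAME=${DEFAULTHOST}
fi

if [ -z "${HOSTNAME}" ]; then
        echo "Can not determine the hostname"
        exit 1
fi

# Remember the host as the default for the next login
echo "${HOSTNAME}" > ~/.sshproxyhost

# Quoted so each typed value reaches ssh as exactly one argument
"${SSH}" -l "${USERNAME}" "${HOSTNAME}"

exit 0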

<!-- snip -->

cheers

Andrew
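
An added example, not part of Andrew's post: one way to check the two typed values before they reach ssh, so that a value starting with "-" (which ssh would read as an option) or a host outside the LAN is refused. The host list ALLOWED_HOSTS, its entries and the function names are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example: input checks for a gateway ssh wrapper (not the poster's code).
# ALLOWED_HOSTS is a constructed list of LAN names; replace with the real ones.
ALLOWED_HOSTS="alpha.lan beta.lan gamma.lan"
SSH=/usr/bin/ssh

# valid_name VALUE: succeed only for a non-empty value of letters, digits, '.', '_', '-'
# that does not start with '-' (ssh would parse a leading '-' as an option).
valid_name() {
    case "$1" in
        ''|-*) return 1 ;;
        *[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# host_allowed HOST: succeed only if HOST is an exact entry in ALLOWED_HOSTS.
host_allowed() {
    for h in $ALLOWED_HOSTS; do
        [ "$h" = "$1" ] && return 0
    done
    return 1
}

# check_target USER HOST: print "ok" or the reason for refusal; status 0 only for "ok".
check_target() {
    valid_name "$1" || { echo "bad username"; return 1; }
    valid_name "$2" || { echo "bad hostname"; return 1; }
    host_allowed "$2" || { echo "host not allowed"; return 1; }
    echo "ok"
}

# connect USER HOST: validate, then replace this shell with ssh.
# "--" ends option parsing, so the host can never be read as an option.
connect() {
    check_target "$1" "$2" >/dev/null || return 1
    exec "$SSH" -l "$1" -- "$2"
}

# Constructed sample inputs: print what the wrapper would decide for each.
while read -r u h; do
    printf '%-8s %-14s %s\n' "$u" "$h" "$(check_target "$u" "$h")"
done <<'EOF'
andy alpha.lan
andy -v
andy example.org
an;dy beta.lan
EOF
```

Because the wrapper is the account's login shell, the allow-list also stops the gateway from being used as a relay to arbitrary hosts on the Internet.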
