some problem with tunneling

From: Nikolas Mayr (nikolas_at_pt.fh-koeln.de)
Date: 08/21/03

  • Next message: Brian Hatch: "Re: some problem with tunneling"
    Date: Thu, 21 Aug 2003 23:39:27 +0200
    To: secureshell@securityfocus.com
    
    

    hello,

    let me describe what i experienced in order to find out what went wrong.
    the situation: A B are computers. their users are usera and userb. B is
    somewhere in the internet, A is behind a firewall/router with ip
    masquerading enabled and port mapping disabled. (i have no way to
    change the router's configuration). i have access to both computers.
    what i wanted to do though was to remote work/configure computer A
    using vnc. in order to be able to connect to A i needed a way in there.
    so i used the command
    ssh -R 12345:127.0.0.1:22 userb@B on computer A to give myself a way to
    ssh into A (from B).

    i could indeed do that using the command
    ssh -p 12345 usera@127.0.0.1 on B

    so in odrer to connect vnc to that copmuter i created another tunnel
    (after connecting via ssh from B).
    while being logged into A through ssh from B using the tunnel i created
    before i typed the command
    ssh -R 12346:127.0.0.1:5900 userb@B
    this also did work.
    the vnc server by the way has already been started on machine A.
    so the next thing i did is started a vnc client on B and connected to
    127.0.0.1:12346

    now i got an error message in the shell. unfortunately i can nether
    recall it exactly nor recreate the situation at the moment. so my mind
    tells me the error message contained "connection was reset by peer" and
    something like tcp nodelay (bad memory, i know).

    i have no clue what went wrong.
    hopefully you can help me understand that problem.

    btw: i know that i could have created a tunnel to port 5900 on machine
    A directly. i chose to use the way i did it because i thought i was
    able to do basically anything on machine A if i ever get logged into
    the shell.

    thanks in advance,
    nikolas


  • Next message: Brian Hatch: "Re: some problem with tunneling"