Re: Port forwarding more than once

From: Dave Howe (DaveHowe_at_cmn.sharp-uk.co.uk)
Date: 01/12/04

  • Next message: Elizabeth Wright: "file permissions for new folder"
    To: "Email List: Secure Shell" <secureshell@securityfocus.com>
    Date: Mon, 12 Jan 2004 18:49:29 -0000
    
    

    Rachan Malhotra wrote:
    > I want to create a long SSH tunnel running from my laptop to one
    > server and from there to another. Also, I want to forward port x on
    > my machine to the 1st server and then to the 2nd server through this
    > tunnel. Is it possible to create an SSH tunnel among three (or more)
    > machines ?
    yup, but it may be better not to.
    the two alternatives are:
    1. make a tunnel from your port to server 1, destinatiation server 2 port
    x (obviously, the link between server 1 and 2 is unencrypted, but that may
    not be an issue)
    2. use a simple port forwarder on server 1 that relays connections to
    server 2 port 22; then tunnel to server 1 on the port you are running the
    forwarder on, and it will effectively open a ssh link (and therefore any
    tunnels) on server 2.

    That said, I am in fact doing your original solution - ssh to my corporate
    firewall, with tunnels to my mailserver and my desktop pc (both port 22)
    then tunnels from there to various other machines via the first set of
    tunnels.


  • Next message: Elizabeth Wright: "file permissions for new folder"

    Relevant Pages

    • Re: How do I FTP via a secure tunnel (set up instructions requested pls)
      ... >> I too am using Serv-U as a server and tunnel via secure tunnel. ... Generate your own certificate (read the servu ... >port. ...
      (alt.computer.security)
    • Re: Listening network port security
      ... socket server program I write or an ssh tunnel, ... you could do it with an SSH tunnel - but that creates ... an outage as long as the SSL connection was still initiated from the ... benefit over restricting the listening port to a single IP address. ...
      (comp.os.linux.security)
    • Re: ssh -R
      ... The client can demand longer timeouts, and it can ask for a periodic 'check' to see if its still connected. ... One thing that can be easily managed with autossh is a tunnel to a port on localhost of the server, thus avoiding port scanners and other unauthorized intrusions. ...
      (Fedora)
    • Re: reverse shell session
      ... tunnel. ... So the remote client runs a cron job at a certain hour, ... to access a PC that's behind a FW but can't forward the SSH port on the ... You could run an ssh server on the machine that's behind the FW on some ...
      (comp.security.ssh)
    • Re: mysql connection through ssl tunnel
      ... can make mysql connections through the tunnel with no problems. ... If autossh watches over my ssh tunnel, who or what watches over autossh? ... There are databases running on both machines, so I need to use a different port for the tunnel. ...
      (freebsd-questions)