Re: Two-hops SSH tunnelling



Try using this script:
http://lanning.cc/ssh-multihop-tunnel

There is an echo at the end, that you can uncomment to see the command
line it builds.

On 5/23/06, Loris Serena <lserena@xxxxxxxxx> wrote:
Guys,

I managed to get the following working:

----------------------------------------------------------------------------------------------------
A firewall between SERVER and CLIENT only allows TCP port 22 from
SERVER to CLIENT (but not viceversa!)

SERVER -------22------> CLIENT

What I would like to achieve via ssh tunnelling is to send TCP port
1984 traffic from CLIENT to SERVER:

SERVER <-----1984------ CLIENT
------------------------------------------------------------------------------------------------------

by running (on SERVER):
$ ssh -f -N -R 1984:SERVER:1984 CLIENT


Now I'd like to add the next (and last) bit of the configuration to the
picture:

There is another firewall between CLIENT and GOOFY, again only allowing
TCP port 22 from CLIENT to GOOFY (and NOT viceversa!):

SERVER -------22------> CLIENT -------22-------> GOOFY

What I would like to achieve via ssh tunnelling is to send TCP port
1984 traffic from GOOFY to SERVER (through CLIENT):

SERVER <-----1984----- CLIENT
SERVER <----------------(CLIENT)----------1984------ GOOFY

Please note that:
a. the remote forwarding of 1984 from CLIENT to SERVER is already working;
b. there is no native process on CLIENT listening on port 1984.

I ran `ssh -f -N -R 1984:127.0.0.1:1984 GOOFY` on CLIENT,

but testing that with telnet from GOOFY, it failed as follows:

[GOOFY]$ telnet localhost 1984
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused


So, how do I do that?
Any security issues I shold be aware of?


Thanks in advance

Ciccio



--
And, did Guloka think the Ulus were too ugly to save?
-Centauri