ssh-tunnel forwarding X over multiple hops...
- From: Benny Helms <benny@xxxxxxxxxx>
- Date: Wed, 29 Oct 2008 14:50:00 -0600
-----BEGIN PGP SIGNED MESSAGE-----
I don't know why I have such a hard time wrapping my mind around ssh and
tunnels, but I'm lucky to be able to create a point a to point b tunnel. I use
syntax such as this...
ssh -f -l username -N -L 9999:destHost:22 intermediateHost
This allows me to log on to my localhost, port 9999 and wind up at the destHost
by way of the intermediateHost. I'm able to do my login as such...
ssh -p 9999 -X -Y localhost
...and run xclock on the destHost and have the X display return to my notebook.
So far so good.
My need is as follows, though.
Notebook=initial end of tunnel
HostB=2nd server in a DMZ
HostC=3rd server behind private firewall
- From my notebook, I need to be able to create a tunnel that traverses Hosts A, B
and C, and then successfully sends X back from HostC to my notebook. The reason
for this is that HostC is an Oracle box behind a private LAN, and because of
security my only access point is from HostB in the DMZ at the same location. I
can only access HostB from HostA, which is located in my office and which has a
hole in the DMZ firewall allowing ssh traffic. All of this in order to run a
security patch on HostC to upgrade Oracle, which requires that the X generated
by the java script be able to reach my notebook so I can successfully run the
I've never figured out how to get X to run up and down the pipe on a multi-hop
tunnel without jumping the tracks and trying to output its display to HostA or
HostB before reaching the notebook.
Can someone give me example syntax that I can tweak and try to understand? It
would be very much appreciated. Thank you!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
- Prev by Date: Re: Reverse tunnel and multiple interface
- Next by Date: Re: Reverse tunnel and multiple interface
- Previous by thread: Reverse tunnel and multiple interface
- Next by thread: Openssh on Hurd