Re: Reverse SSH tunnelling

cwells_at_geoplan.ufl.edu
Date: 08/30/04

    Date: Mon, 30 Aug 2004 12:45:03 -0400 (EDT)
    To: "Raistlin Majere" <raistlin@majere.net>
    
    

    Raist,
    If I understand your question...
    Here's another solution that requires two iptables rules on the gateway
    machine(s):
    # $IPT is assumed to hold the path to the iptables binary
    # port forward ssh requests on port 2222 to 192.168.0.10
    $IPT -t nat -i eth0 -A PREROUTING -p tcp --dport 2222 -j DNAT --to 192.168.0.10:22

    $IPT -A FORWARD -p tcp -d 192.168.0.10 --dport 22 -j ACCEPT

    You can also be more specific by only allowing ssh connections from a specific
    IP or subnet. Hope you find this helpful!
    Cheers,
    CW

    > Hi All,
    >
    > I need some advice .. I have a situation where about fifty servers will
    > be located in fifty sites that cannot allow services to be hosted. These
    > servers will be in private network space behind firewalls. I can use
    > them to 'scp' files out to a common home base server, but sometimes I
    > need to access a command line console on these servers. I am thinking of
    > having an hourly cron job ssh out to my home base server and leaving that
    > tunnel open so that I can access that console, but am looking for the
    > specific way of doing this. Security is of the utmost concern, so I need
    > some sort of encrypted tunnel, hence the thought of ssh, but I don't
    > know how to do this 'reverse' tunnel... I was also thinking of a 'free
    > swan' vpn tunnel ..
    >
    >
    > Thanks
    >
    > Raist
    >
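
The reply's closing suggestion (limiting SSH to a specific IP or subnet), as an added example that is not part of the original message: a script that validates a source network and prints the two rules with a source match so they can be reviewed before being applied. The function names, the `-i eth0` match on the FORWARD rule and the 203.0.113.0/24 admin network are assumptions for illustration; the interface, port and internal address come from the post.

```shell
#!/bin/sh
# Added example: print (not apply) the reply's DNAT + FORWARD pair, limited
# to one source network. 203.0.113.0/24 is a constructed sample value.
IPT="${IPT:-iptables}"   # the post uses $IPT without defining it (assumed)
EXT_IF="eth0"            # external interface, from the post
EXT_PORT="2222"          # external port, from the post
DEST="192.168.0.10"      # internal SSH host, from the post

# valid_src SRC: succeed only for a dotted-quad IPv4 address, optional /0-32
valid_src() {
    addr=${1%%/*}
    case "$1" in
        */*) len=${1#*/} ;;
        *)   len=32 ;;
    esac
    case "$len" in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    # digits and dots only, no trailing dot (also rules out shell metacharacters)
    case "$addr" in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in ''|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# build_rules SRC: print both rules with a source match, or fail on bad input
build_rules() {
    valid_src "$1" || { echo "rejected source: $1" >&2; return 1; }
    echo "$IPT -t nat -A PREROUTING -i $EXT_IF -s $1 -p tcp --dport $EXT_PORT -j DNAT --to-destination $DEST:22"
    echo "$IPT -A FORWARD -i $EXT_IF -s $1 -d $DEST -p tcp --dport 22 -j ACCEPT"
}

# Review the output, then pipe it to sh as root to apply.
build_rules "${1:-203.0.113.0/24}"
```

DNAT rewrites only the destination, so the same `-s` match works in both the PREROUTING and the FORWARD rule.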

