Re: Reverse SSH tunnelling
Date: Mon, 30 Aug 2004 12:45:03 -0400 (EDT)
To: "Raistlin Majere" <firstname.lastname@example.org>
If I understand your question...
Here's another solution that requires two iptables rules on the gateway:
# Port-forward ssh requests arriving on port 2222 (eth0) to 192.168.0.10
$IPT -t nat -A PREROUTING -i eth0 -p tcp --dport 2222 -j DNAT --to 192.168.0.10:22
# Allow the rewritten connection through the FORWARD chain
$IPT -A FORWARD -p tcp -d 192.168.0.10 --dport 22 -j ACCEPT
You can also be more specific by only allowing ssh connections from a specific
IP or subnet. Hope you find this helpful!
> Hi All,
> I need some advice .. I have a situation where about fifty servers will
> be located in fifty sites that cannot allow services to be hosted. These
> servers will be in private network space behind firewalls. I can use
> them to 'scp' files out to a common home base server, but sometimes I
> need to access a command line console on these servers. I am thinking of
> having an hourly cron job ssh out to my home base server and leaving that
> tunnel open so that I can access that console, but am looking for the
> specific way of doing this. Security is of the utmost concern, so I need
> some sort of encrypted tunnel, hence the thought of ssh, but I don't
> know how to do this 'reverse' tunnel... I was also thinking of a 'free
> swan' vpn tunnel ..
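
The hourly cron job described in the quoted question, written out as an added example that is not part of the original thread: each site dials out with `ssh -R`, so its console is reachable only through a loopback port on the home base. The account `tunnel@homebase.example.org`, the key path and the 2200+site port scheme are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed values (assumptions, not from the thread): home-base account,
# key path, and the "2200 + site number" port scheme.
HOME_BASE="tunnel@homebase.example.org"
KEY="/root/.ssh/tunnel_ed25519"
BASE_PORT=2200

# Map a site number (1..50) to its own listening port on the home base.
tunnel_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;   # empty, leading zero, or non-digit
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 50 ] || return 1
    echo $((BASE_PORT + $1))
}

# Print the ssh command for this site. -R binds the listener to the home
# base's loopback only, so the site's sshd is never exposed to the Internet.
tunnel_cmd() {
    port=$(tunnel_port "$1") || return 1
    echo "ssh -f -N -T -i $KEY -o BatchMode=yes -o ExitOnForwardFailure=yes" \
         "-o ServerAliveInterval=60 -o ServerAliveCountMax=3" \
         "-R 127.0.0.1:${port}:127.0.0.1:22 $HOME_BASE"
}

# Cron entry point: do nothing if this site's tunnel is already running.
open_tunnel() {
    cmd=$(tunnel_cmd "$1") || { echo "bad site id: $1" >&2; return 1; }
    port=$(tunnel_port "$1")
    if pgrep -f "ssh .*-R 127\.0\.0\.1:${port}:" >/dev/null; then
        return 0
    fi
    # Word splitting is intended: cmd is built only from the fixed values above.
    $cmd
}

# Hourly crontab line (site 7):  0 * * * * /usr/local/bin/site-tunnel.sh 7
[ $# -eq 0 ] || open_tunnel "$1"
```

With the tunnel for site 7 up, the console is reached from the home base itself with `ssh -p 2207 <user>@127.0.0.1`. Using a dedicated key and account for the tunnel keeps a compromised site from gaining an interactive login on the home base.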