Re: Reverse SSH tunelling

• Previous message: Glynn Clements: "Re: Reverse SSH tunelling"
• In reply to: Raistlin Majere: "Reverse SSH tunelling"
• Next in thread: Tay, Gary: "RE: Reverse SSH tunelling"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 30 Aug 2004 12:45:03 -0400 (EDT)
To: "Raistlin Majere" <raistlin@majere.net>

Raist,
If I understand your question...
Here's another solution that requires two iptable rules on the gateway
machine(s):
#port forward ssh on port 2222 requests to 192.168.0.10
$IPT -t nat -i eth0 -A PREROUTING -p tcp --dport 2222 -j DNAT --to
192.168.0.10:22

$IPT -A FORWARD -p tcp -d 192.168.0.10 --dport 22 -j ACCEPT

You can also be more specific by only allow ssh connections from a specific
IP or subnet. Hope you find this helpful!
Cheers,
CW

> Hi All,
>
> I need some advice .. I have a situation where about fifty servers will
> be located in fifty sites that cannot allow services to be hosted. These
> servers will be in private network space behind firewalls. I can use
> them to 'scp' files out to a common home base server, but sometimes I
> need to access a command line console on these servers. I am thinking of
> having a hourly cron job ssh out to my home base server and leaving that
> tunnel open so that I can access that console, but am looking for the
> specific way of doing this. Security os pf the utmost concern, so I need
> some sort of encrypted tunnel, hence the thought of ssh, but I don't
> know how to do this 'reverse' tunnel... I was also thinking of a 'free
> swan' vpn tunnel ..
>
>
> Thanks
>
> Raist
>

• Previous message: Glynn Clements: "Re: Reverse SSH tunelling"
• In reply to: Raistlin Majere: "Reverse SSH tunelling"
• Next in thread: Tay, Gary: "RE: Reverse SSH tunelling"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]