Re: SSH tunnel over SQUID
- From: Burkhard Ott <news@xxxxxxxxx>
- Date: Thu, 16 Oct 2008 19:24:26 +0200
Am Wed, 15 Oct 2008 17:30:58 -0700 schrieb nicola.calipari:
Hello.
I have to reach a cluster of linux machines protected by a firewall.
The usual way to reach them is to SSH from inside the network, but i
need to do it from outside.
A http proxy cant speak ssh, you need to run the ssh client behind the
proxy and you have to speak http/s through the proxy.
I have the credentials and everything, but the cluster belong to a
university so the admin is lazy and i need to minimize the requests to
him.
So, you think after the proxy you'll have access to the network behind?
If so then you're right the admins are lazy, but I don't think so.
My idea was to use a squid proxy that is open to outsiders (there's a
ezproxy too).
And behind the proxy is surely another firewall to prevent access to ssh.
http://users.unimi.it/banchedati/ezproxy.html
Here's .pac config for two different squid proxy:
http://proxypac.unimi.it/proxy.pac
http://users.unimi.it/banchedati/proxysnx.pac
As i said I have full credentials to get inside the net, is just that
i don't know how to do and that the admin don't have time to help me.
It doesn't matter, first the admins have a reason to prevent access via
ssh second after the proxy is surely an ip filter/firewall or whatever to
prevent access to private segments and if not there could also be a layer3
router to do the work.
Your only chance I think is to access a ssh client behind the proxy on a
webserver (cgi shell or whatever) but it only works if your webserver can
reach the cluser and you can reach the webserver or something it speaks
http/s.
cheers
.
- References:
- SSH tunnel over SQUID
- From: nicola . calipari
- SSH tunnel over SQUID
- Prev by Date: Re: They are coming back from holdays
- Next by Date: Re: zone alarm start up
- Previous by thread: SSH tunnel over SQUID
- Index(es):
Relevant Pages
|
