Re: ssh across socks + remote firewall

From: Darren Tucker (dtucker_at_dodgy.net.au)
Date: 02/01/04

  • Next message: J M: "Re: ssh across socks + remote firewall"
    Date: Sat, 31 Jan 2004 23:56:28 +0000 (UTC)
    
    

    In article <gwWSb.80$zM7.68346944@newssvr11.news.prodigy.com>,
    J M <JM@jm.biz> wrote:
    >How do I ssh across following configuration?
    >
    >my box -> my.com.socks.80 -> remote.public.host.ip.port.22 ->
    >remote.private.ip.port.22

    Go grab a copy of "connect" and install it on mybox and
    remote.public.host.
    http://www.taiyo.co.jp/~gotoh/ssh/connect.html

    On "mybox" create a ~/.ssh/config something like the following (I'm
    assuming your socks server is really port 1080, if not, adjust to suit).

    Host remote.public
      ProxyCommand /path/to/connect -S my.com.socks:1080 remote.public.ip 22

    Host remote.private
      ProxyCommand ssh remote.public /path/to/connect remote.private.ip 22

    Now just "ssh remote.private" and in theory it should just work (you may
    want to set up public-key authentication so you don't need to type 2
    passwords).

    Note that you will be double-encrypting the traffic, so it's not super
    efficient.

    -- 
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
        Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.
    

  • Next message: J M: "Re: ssh across socks + remote firewall"

    Relevant Pages

    • Re: Port Forwarding and Multiple SSH Servers - WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
      ... >> Behind my firewall I have several SSH servers that I connect to with ... >different known_hosts file for each host. ... >to ssh to many different hosts from a single server via a ssh gateway ... Good judgement comes with experience. ...
      (comp.security.ssh)
    • Re: SCP via SSH tunnel works, then not, then works again
      ... > This works to remote host RA without a problem. ... As far as ssh is concerned, "localhost:2222" is the same host both times ... Good judgement comes with experience. ...
      (comp.security.ssh)
    • Re: entries in .ssh/known_hosts
      ... Only store host names but not IP addresses. ... If this flag is set to ``yes'', ssh will additionally check the ... Good judgement comes with experience. ...
      (comp.security.ssh)
    • Re: "deep-ssh"
      ... deep-ssh is a python script that builds shell commands that run ... >ssh under ssh under ssh... ... if you have a suitable command on the intermediate host ... Good judgement comes with experience. ...
      (comp.security.ssh)
    • RE: sshd / ssh setup
      ... We have an Remote FreeBSD system which is located some where on the ... This method gives the maximum protection possible utilizing ssh. ... Host setup steps. ... Reboot your system to activate sshd and login as root. ...
      (freebsd-questions)