Re: bind to address while forwarding ports

From: Darren Tucker (dtucker_at_gate.dodgy.net.au)
Date: 03/06/05

• Next message: Andrew Tkachenko: "Re: bind to address while forwarding ports"
• Previous message: Andrew Tkachenko: "Re: PuTTY - "No supported authentication methods left to try""
• In reply to: Andrew Tkachenko: "bind to address while forwarding ports"
• Next in thread: Andrew Tkachenko: "Re: bind to address while forwarding ports"
• Reply: Andrew Tkachenko: "Re: bind to address while forwarding ports"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 06 Mar 2005 04:10:54 GMT

On 2005-03-06, Andrew Tkachenko <pobugfix@peterlink.ru> wrote:
> I'm trying to forward requests to http server from boxA through boxB.
> Everything works fine, but I can't force sshd on boxB to bind to desired
> interface.
>
> on boxA I run ssh:
> ssh -N -L65005:google.com:80 user@boxB
>
> How can I force boxB to bind to some interace while forwarding to
> google.com:80 ?

I don't think the SSHv2 protocol spec even provides a way to specify the
address to bind to for a forwarded TCP connection.

Normally, the local address of an outbound TCP connection is decided at
connection intiation time by the host's routing table (ie whichever
interface the connection is routed out of becomes the source IP) so
perhaps you can make boxb do what you want via manipulating its routing
tables.

Alternatively you may be able to accomplish it with an external forwarder
(such as netcat) but I can't think of any way to do it without modifying
either ssh or netcat.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

• Next message: Andrew Tkachenko: "Re: bind to address while forwarding ports"
• Previous message: Andrew Tkachenko: "Re: PuTTY - "No supported authentication methods left to try""
• In reply to: Andrew Tkachenko: "bind to address while forwarding ports"
• Next in thread: Andrew Tkachenko: "Re: bind to address while forwarding ports"
• Reply: Andrew Tkachenko: "Re: bind to address while forwarding ports"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages X11 forwarding in OpenSSH question ... BoxA and BoxB. ... BoxA runs X server and BoxB runs sshd ... libGL error: failed to open DRM: Operation not permitted ... (comp.security.ssh) Re: Checking if textbox values have been cleared or replaced, or updated ... > with new ones before updating the record. ... BoxA would be visible and that's where the users would ... BoxB would be invisible and for checking purposes only. ... both boxes are not null. ... (microsoft.public.access.queries) Re: X11 forwarding in OpenSSH question ... I don't neet to set DISPLAY variable to hostA:0.0. ... BoxA runs X server and BoxB runs sshd ... > that md5sum cookies do not work in the first ssh case. ... (comp.security.ssh) RE: missing vim highlight ... Using vim, on boxA, if for example, I use the slash ... On boxB, there is no highlight ... (Fedora) Re: bind to address while forwarding ports ... >> I'm trying to forward requests to http server from boxA through boxB. ... but I can't force sshd on boxB to bind to desired ... I guess that address to bind to for outbound connection while forwaring ... But how it could be done - local forwarding + desired interface for outbound ... (comp.security.ssh)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint