Re: SSH from Windows to Linux w/port forwarding.
From: Richard E. Silverman (res_at_qoxp.net)
Date: 09/23/05
- Previous message: KS: "Re: AIX's LDAP with PAM and Expired password"
- In reply to: Andrew Schulman: "Re: SSH from Windows to Linux w/port forwarding."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 22 Sep 2005 20:42:52 -0400
>>>>> "AS" == Andrew Schulman <andrex@deadspam.com> writes:
>> Even this does not work and it should: $ ssh -L80:myserver.com:80
>> myserver.com -v -N -f
>>
>> The whole point of using ssh was so that I didn't need to open more
>> ports on my router.
A network connection from a host back to itself is still a network
connection. If you want to be able to make such connections -- as SSH
forwarding does -- then your firewall must allow them. A simple firewall
might say, "disallow all TCP connections to port 22 on the external
address." That includes connections your forwarded connections, if the
name myserver.com translates to that external address.
The name "localhost", however, normally maps to 127.0.0.1, which is
assigned to the host's loopback interface. A firewall will often just
allow all loopback connections, since they must come from the same host
and so are deemed safe. And a service which simply binds a port for
listening without specifying a particular address, will be listening all
all the host's addresses, including the loopback.
-- Richard Silverman res@qoxp.net
- Previous message: KS: "Re: AIX's LDAP with PAM and Expired password"
- In reply to: Andrew Schulman: "Re: SSH from Windows to Linux w/port forwarding."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
