Gentoo Forums
Backward access through SSH?
Theophile
Apprentice


Joined: 31 Mar 2004
Posts: 285

Posted: Tue Jul 13, 2004 6:38 am    Post subject: Backward access through SSH?

Here's the scenario:
My girlfriend wants to start running Linux, but she's not tech-savvy enough to do much more than use an already working system. If she wants anything configured, installed, or pretty much changed in any way, I have to do it. But there are no guys allowed in the girls' dorms, so I will have to administer remotely. Further complicating matters is the fact that the school IT department is very unhelpful and forwarding port 22 to her internal IP is out of the question.

So, I cannot SSH into her box but she can into mine. Is there a way for her to SSH into my box and then I can login to her system? What would be the best way for me to be able to do this?

Thanks!
think4urs11
Bodhisattva


Joined: 25 Jun 2003
Posts: 6659
Location: above the cloud

Posted: Tue Jul 13, 2004 7:04 am

Hi!

A little bit of googling showed up this as first hit:



ssh tunnelling

ssh tunnelling is an excellent way to tunnel insecure protocols through a secure communication channel. In this example, I'll tunnel POP3 traffic using ssh. Traditional POP3 traffic, including username and password information, travels clear-text across the network.

OpenSSH is used in the following examples.

To tunnel POP3 traffic using ssh:

1. Make sure an ssh client is installed on your machine and an ssh server is installed on the POP3 server.

2. Create a local ssh tunnel on your machine (port 1234 for this example) to the POP3 server's port 110. You will need to be the root user to bind to "privileged" ports (< 1024).
ssh -f -N -L 1234:localhost:110 user@POP3_server

3. Test the tunnel.
telnet localhost 1234
You should see the POP3 server's banner information.

4. Configure your mail client to access your mail via POP3 using mail server localhost and port 1234.

"Reverse" ssh tunnel
It is possible to create a "reverse" ssh tunnel. The reverse tunnel will allow you to create an ssh tunnel from your work computer to your home computer, for example, and then login to your work machine from your home machine even if your work firewall does not permit ssh traffic initiated from your home machine!

For this to work, an ssh server must be installed on your work and home computer, and ssh (TCP port 22) must be allowed outbound from your work computer to your home computer.

ssh -R remote_port:localhost:22 your_home_computer

ex. ssh -R 2048:localhost:22 home.computer.com

At home, you would then run ssh -p 2048 localhost to log into your work computer via ssh.


HTH
T.
_________________
Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself
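
Added example, not part of either post: shell helpers that build the reverse-tunnel commands from the quoted text for the scenario in the question (the dorm machine plays the "work computer"), plus a restricted authorized_keys entry so the tunnel key can do nothing except hold that one forward. The account name `tunnel`, the host `home.example.org`, the user `admin` and the key string are assumptions; `permitlisten` needs OpenSSH 7.8 or later.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed names: account "tunnel",
# host home.example.org, user "admin", and the constructed public key below.

# valid_port PORT: succeeds only for an unprivileged TCP port (1024-65535),
# so neither end needs root to bind the listener.
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;   # empty, non-numeric, or too long
    esac
    [ "$1" -ge 1024 ] && [ "$1" -le 65535 ]
}

# tunnel_cmd PORT USER@HOME: command for the machine behind the firewall.
# -N runs no remote command; ExitOnForwardFailure makes ssh exit instead of
# staying connected without a listener; the explicit "localhost:" bind keeps
# the forwarded port off the home machine's external interfaces.
tunnel_cmd() {
    valid_port "$1" || { echo "bad port: $1" >&2; return 1; }
    printf 'ssh -N -o ExitOnForwardFailure=yes -o ServerAliveInterval=30 -R localhost:%s:localhost:22 %s\n' "$1" "$2"
}

# authorized_keys_line PORT PUBKEY: entry for the tunnel account on the home
# machine. "restrict" turns off pty, agent, X11 and forwarding; forwarding is
# then re-enabled, with remote listeners limited to this single port, and any
# session that asks for a shell or command gets /bin/false.
authorized_keys_line() {
    valid_port "$1" || { echo "bad port: $1" >&2; return 1; }
    printf 'restrict,port-forwarding,permitlisten="localhost:%s",command="/bin/false" %s\n' "$1" "$2"
}

# login_cmd PORT USER: run on the home machine to reach the remote sshd.
login_cmd() {
    valid_port "$1" || { echo "bad port: $1" >&2; return 1; }
    printf 'ssh -p %s %s@localhost\n' "$1" "$2"
}

# Demo with the port from the quoted text and constructed names.
tunnel_cmd 2048 tunnel@home.example.org
authorized_keys_line 2048 'ssh-ed25519 AAAA_CONSTRUCTED_KEY tunnel@dorm'
login_cmd 2048 admin
```

On the home machine, sshd's GatewayPorts setting should stay at its default of no so the forwarded port is reachable only from that machine itself.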