Double ssh?

Message

pmatos · Post by **pmatos** » Tue Oct 24, 2006 5:46 pm

Hi all,

I have a problem which I would like to solve but I can't see a way to do this.
I want to ssh machine C, which is backed by B (which is a firewall, so I have to get through it). Problem is that I'm at A which is not inside the LAN.

Usually I need to ssh B then from B I have to ssh C but that's really a pain in the neck. Isn't there a way to simplify things and doing the both ssh's at once?

Regards,

Paulo Matos

shrimp123 · Post by **shrimp123** » Tue Oct 24, 2006 5:58 pm

may be ssh-tunnel is what u r after.

ssh from C into A, setup a tunnel. Then ssh from A to C would just be a localhost (port fwded) ssh.

S

bluedevils · Post by **bluedevils** » Tue Oct 24, 2006 6:06 pm

I don't know how safe this is, but since you already have ssh open on B, couldn't you also redirect another port on B to port 22 on C. This would mean that you would ssh to a specific port (say 2222) on B and that will redirect traffic to port 22 on C.

troymc · Post by **troymc** » Tue Oct 24, 2006 6:10 pm

Or, if you cannot have tunnels or port re-directs, try:

Code: Select all

A # ssh -t B ssh C

Put your keys in place, and you won't even have to enter any passwords.

troymc

linuxkrn · Post by **linuxkrn** » Tue Oct 24, 2006 6:10 pm

I have a how-to on my website that does what you're asking.

http://www.linuxlogin.com/linux/admin/sshtunnels.php

Enjoy

For bonus points, you can use ssh -D 8080 hostname and then setup your browsers/apps to use socks5 proxy and tunnel all your traffic to the other computer. (proxy will be localhost 8080)

pmatos · Post by **pmatos** » Tue Oct 24, 2006 7:11 pm

linuxkrn wrote:I have a how-to on my website that does what you're asking.

http://www.linuxlogin.com/linux/admin/sshtunnels.php

Enjoy

For bonus points, you can use ssh -D 8080 hostname and then setup your browsers/apps to use socks5 proxy and tunnel all your traffic to the other computer. (proxy will be localhost 8080)

Thanks all!
Can't understand this line in your how-to:

Code: Select all

ssh -L 2222:firewall.domain.com:2222 firewall.domain.com

Why firewall in both hosts as arguments? More over, that will enter firewall, then can you close the connection and tunnel will stay up or not?

linuxkrn · Post by **linuxkrn** » Tue Oct 24, 2006 11:39 pm

pmatos wrote: Why firewall in both hosts as arguments? More over, that will enter firewall, then can you close the connection and tunnel will stay up or not?

In my example I had two firewalls. You only have one so you will need to modify it a bit. It's just there to give you an example.

Use -N -f to have ssh run in the background.

pmatos · Post by **pmatos** » Thu Oct 26, 2006 7:21 pm

linuxkrn wrote:
pmatos wrote: Why firewall in both hosts as arguments? More over, that will enter firewall, then can you close the connection and tunnel will stay up or not?
In my example I had two firewalls. You only have one so you will need to modify it a bit. It's just there to give you an example.

Use -N -f to have ssh run in the background.

Hello, so again, in my example, I have euler, firewall and notos. Notos is office, behind firewall. euler is my laptop with which I want to ssh notos transparently through firewall.
So I ssh firewall and did:

Code: Select all

firewall $ ssh -N -f -L 48337:notos:22 notos

This would forward port 48337 from firewall to 22 in notos (ssh port).

Indeed I have:

Code: Select all

firewall $ netstat -a | grep 48337
tcp        0      0 localhost.localdo:48337 *:*                     LISTEN
tcp        0      0 ::1:48337               *:*                     LISTEN

The problem is that in euler I do:

Code: Select all

$ ssh -p 48337 pocm@firewall

I would expect to enter notos directly, right?
But no... the connection just never returns, at least not in 3 min. Just stays there without an answer and I end it with Ctrl-C.

Any ideas of what's happening?

Regards,

Paulo Matos

Double ssh?

Double ssh?

SSH Tunnels how-to

Re: SSH Tunnels how-to

Re: SSH Tunnels how-to

Re: SSH Tunnels how-to