
SSH port forwarding/tunneling


Captain Dondo

Oct 31, 2005, 10:18:18 AM
I've got a question about port forwarding....

I have a machine that will be located remotely. I have ssh installed
on this machine. I cannot install any sort of VPN on this machine.

The machine will be behind a firewall, so I need a way to access this
machine.

What I'd like to do is set up a persistent ssh connection to my server,
and then port-forward back through this connection so I can connect to the
ssh server on the machine.....

One more time:

machine A is at my desk.

machine B is far, far away.

Machine B connects to machine A via ssh, forwarding some port that
connects back to itself....

I use ssh localhost -p someport on machine A to log into machine B.

I've been playing around with all sorts of ways to try to port-forward
using -L and -R, but I always get something that doesn't work or a message
that the port cannot be forwarded.....

I've found all sorts of docs on how to forward ports if I want to tunnel
in the same direction as the ssh connection, but nothing that tells me how
to tunnel 'backwards'....

TIA,

--Yan

Pascal Bourguignon

Oct 31, 2005, 11:07:40 AM
Captain Dondo <y...@NsOeSiPnAeMr.com> writes:


[pjb@remote pjb]$ ssh -R 2222:localhost:22 desktop
pjb@desktop's password:
25960: Warning: No xauth data; using fake authentication data for X11 forwarding.
Last login: Mon Oct 31 17:00:59 2005 from other
Welcome to Darwin!

Eat a cookie!

[pjb@desktop pjb]$ ssh -p 2222 localhost
25960: socket: Address family not supported by protocol
pjb@localhost's password:
Have a lot of fun...
[pjb@remote pjb]$

If you have the right access rights on the remote machine, you could
establish a ppp/ssh tunnel. That'd be the simpler way to connect back
with different protocols, and to protect somewhat from ssh
disconnects: if ppp/ssh disconnects, you can still reconnect it
without disconnecting the tcp streams running over this ppp session.

--
__Pascal Bourguignon__ http://www.informatimago.com/
Litter box not here.
You must have moved it again.
I'll poop in the sink.

Sven Boeckelmann

Oct 31, 2005, 11:42:50 AM
On Mon, 31 Oct 2005 07:18:18 -0800, Captain Dondo wrote:

OK, I don't know if I got this right:

You can log on to machine B and create an ssh connection to machine A, which
stays constantly open?

If so, this might work for you, although IMHO the setup you want is kind
of sick. ;-)

1. You need an ssh daemon running on both machines.

On machine B, create an ssh connection to machine A:
ssh -R 2222:127.0.0.1:22 username@A

Now you can connect from machine A to machine B using:
ssh -p 2222 username@localhost

Beware:
only root can forward privileged ports;
this is why I used 2222 in this example.

Port forwarding is not always enabled, depending
on your sshd_config. Check for:

AllowTcpForwarding yes

Cheers,
Sven
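
The two caveats in the reply above (privileged ports and AllowTcpForwarding) can be checked on machine A before relying on the tunnel. The script below is an added example, not part of any post in this thread; it also reports GatewayPorts, which the thread does not mention, because that setting decides whether the forwarded port is reachable only from A or from other hosts too. The function names and the sample configs are constructed for illustration, and comparing the user name to "root" stands in for sshd's uid 0 check.

```shell
#!/bin/sh
# Added example, not from the thread: would machine A's sshd accept
#   ssh -R PORT:127.0.0.1:22 USER@A
# Reads an sshd_config-style file; only the global section is considered
# (parsing stops at the first Match block). Semantics are current OpenSSH's.

# effective_value KEYWORD DEFAULT FILE: first global setting wins, lowercased
effective_value() {
    awk -v key="$1" -v def="$2" '
        { sub(/#.*/, ""); sub(/=/, " ") }        # strip comments, allow key=value
        tolower($1) == "match" { exit }          # skip conditional blocks
        tolower($1) == key && NF >= 2 { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$3"
}

# check_remote_forward PORT USER FILE: prints a verdict, returns 0 if allowed
check_remote_forward() {
    port=$1; user=$2; file=$3
    fwd=$(effective_value allowtcpforwarding yes "$file")
    case $fwd in
        yes|all|remote) ;;
        *) echo "refused: AllowTcpForwarding $fwd"; return 1 ;;
    esac
    # sshd only lets root bind forwarded ports below 1024
    if [ "$port" -lt 1024 ] && [ "$user" != root ]; then
        echo "refused: port $port is privileged and $user is not root"; return 1
    fi
    # GatewayPorts yes makes the listener reachable from other hosts, not just A
    if [ "$(effective_value gatewayports no "$file")" = yes ]; then
        echo "allowed: port $port on all interfaces of A (GatewayPorts yes)"
    else
        echo "allowed: port $port on A's loopback only"
    fi
}

# Constructed sample configs (hypothetical, not from any real host)
tmp=$(mktemp -d)
printf 'Port 22\nAllowTcpForwarding no\n' > "$tmp/locked"
printf '#AllowTcpForwarding no\nGatewayPorts yes\nMatch User guest\nAllowTcpForwarding no\n' > "$tmp/open"
printf 'AllowTcpForwarding remote\n' > "$tmp/default"
check_remote_forward 2222 username "$tmp/locked" || true
check_remote_forward 2222 username "$tmp/open" || true
check_remote_forward 222 username "$tmp/default" || true
check_remote_forward 2222 username "$tmp/default" || true
```

On a real host, the effective settings can be dumped with `sshd -T` and fed to the same functions, since that output uses the same keyword-value layout.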
