[Durham] ssh and reverse port thingummy bob
Martin Ward
martin at gkc.org.uk
Mon Dec 24 10:46:39 UTC 2012
On Monday 24 Dec 2012 at 09:50, Dougie Nisbet <dougie at highmoor.co.uk> wrote:
> I'm trying to use ssh to login to machine2 from my home PC. Riccard
> gave me the commands and it looks promising but not quite there.
>
> On machine2 I type:
>
> ssh -R 2112:127.0.0.1:22 dougie at dougie_home
>
> and I get in no problems.
Can you explain exactly what you are trying to do?
The "ssh -R" is needed if machine2 can login to dougie_home,
but dougie_home cannot directly login to machine2
(because machine2 is behind a firewall).
The command logs into dougie_home from machine2
and then sets up a tunnel through which dougie_home
can log back in to machine2. To do this, on dougie_home
you login to localhost using the tunnel as the port:
ssh -p 2112 dougien at localhost
All the packets on port 2112 are sent across to machine2
and passed to port 22 on machine2's localhost.
The -L option is for setting up a tunnel the other way around:
from the local host to the remote host. Running:
ssh -L 2112:localhost dougien at machine2
(on dougie_home) logs into machine2 and sets up a tunnel from dougie_home
to machine2: but to do this you need to be able to login to machine2
from dougie_home, which is what you were trying to do in the first place!
Your second command:
ssh -L 2112:localhost dougien at localhost
is trying to set up a tunnel from dougie_home back to itself: which makes
no sense!
--
Martin
STRL Reader in Software Engineering and Royal Society Industry Fellow
martin at gkc.org.uk http://www.cse.dmu.ac.uk/~mward/ Erdos number: 4
G.K.Chesterton web site: http://www.cse.dmu.ac.uk/~mward/gkc/
Mirrors: http://www.gkc.org.uk and http://www.gkc.org.uk/gkc
More information about the Durham
mailing list