[Durham] ssh and reverse port thingummy bob

Martin Ward martin at gkc.org.uk
Mon Dec 24 10:46:39 UTC 2012

On Monday 24 Dec 2012 at 09:50, Dougie Nisbet <dougie at highmoor.co.uk> wrote:
> I'm trying to use ssh to login to machine2 from my home PC. Riccard
> gave me the commands and it looks promising but not quite there.
> On machine2 I type:
>  ssh -R 2112: dougie at dougie_home
> and I get in no problems.

Can you explain exactly what you are trying to do?

The "ssh -R" is needed if machine2 can login to dougie_home,
but dougie_home cannot directly login to machine2
(because machine2 is behind a firewall).

The command logs into dougie_home from machine2
and then sets up a tunnel through which dougie_home
can log back in to machine2. To do this, on dougie_home
you login to localhost using the tunnel as the port:

ssh -p 2112 dougien at localhost

All the packets on port 2112 are sent across to machine2
and passed to port 22 on machine2's localhost.

The -L option is for setting up a tunnel the other way around:
from the local host to the remote host. Running:

ssh -L 2112:localhost dougien at machine2

(on dougie_home) logs into machine2 and sets up a tunnel from dougie_home
to machine2: but to do this you need to be able to login to machine2
from dougie_home, which is what you were trying to do in the first place!

Your second command:

ssh -L 2112:localhost dougien at localhost

is trying to set up a tunnel from dougie_home back to itself: which makes
no sense!


STRL Reader in Software Engineering and Royal Society Industry Fellow
martin at gkc.org.uk  http://www.cse.dmu.ac.uk/~mward/  Erdos number: 4
G.K.Chesterton web site: http://www.cse.dmu.ac.uk/~mward/gkc/
Mirrors:  http://www.gkc.org.uk  and  http://www.gkc.org.uk/gkc

More information about the Durham mailing list