- SSH-Tunnel and port-forwarding in usermode
- Detlef Maurel
January 15, 2004, 2:36 am
I have a question concerning port forwarding and SSH-Tunnels. My sister has
a laptop with Linux installed on it. She doesn't know so much about
so I sometimes logged into her computer to fix problems or install
This did work fine a long time. But a few months later the residence she
in installed a firewall. This firewall bars me from logging into her
directly via ssh. So I had the idea of an SSH-Tunnel using pppd. If I want
log into her computer, she has to type in the following
/usr/sbin/pppd noauth silent nodeflate nobsdcomp mru 1500 nodefaultroute
10 ipcp-restart 10 netmask 255.255.0.0 pty "ssh -t <my-ip-address>
10.0.0.5:10.0.0.1 nodetach '" nodetach
This opens a private Point-to-Point connection between my computer and my
This was very fine for some months. I could log in to her laptop using the
SSH-Tunnel. But now, I have moved to a student's residence also, and
unfortunately there's a firewall also which won't let my sister initiate
SSH-Tunnel connection to my computer.
Now there's the problem that I can't reach her computer and she can't
But maybe there's a solution. The network I use, looks like this:
my Computer ---- Firewall ---- Uni Network ---- Internet ---- Firewall
---- My sister's computer
I can log on some linux servers within the Uni Network but I don't have
privileges there. I thought of the following: I could start some program
Uni-Server in user-mode which connects to some port, e.g. 2000. Then I
sister to start her ssh-client with "-p 2000" and the name of the
little program (which I hope exists) could (maybe?) forward all incoming
data to my computer as if it was an SSH connection from the Uni-Server to me.
Is there some program which can do that? I don't have root access. If I
had, I would simply use Linux port forwarding. But I think there should be a
program which does port forwarding in user-mode.
Thanks a lot!
Re: SSH-Tunnel and port-forwarding in usermode
I do this a lot. I suggest just running a program on each (or either)
computer that contacts the university machine and establishes a tunnel.
% ssh uni -R 22000:localhost:22
will do it but you might want to put it in a script that automatically
restarts it if it fails, or use Reliable SSH, etc. Once it's
established, you can get to that computer by ssh-ing to uni, port 22000.
I also suggest using limited public keys to do this. Enter lines like
command="cat" [some new key]
in your authorized_keys file on the uni computer. That'll allow you to
easily establish the connection, but you (or someone else) won't be
able to do anything with the connection other than create tunnels.
What Linux port forwarding requires root access? Xinetd? (It *can* be
run as a normal user, I think.) Socat and Netcat don't need root.
Yes, it's ssh.
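
The restart script and limited key suggested in the reply above, as an added example that is not part of the original posts. It assumes OpenSSH 7.8 or later on uni (for permitlisten), a hypothetical dedicated key at ~/.ssh/tunnel_ed25519, and uses restrict-style key options in place of the reply's command="cat".

```shell
#!/bin/sh
# Added example (not from the thread). "uni" and port 22000 come from the post;
# the key path is a hypothetical dedicated, passphrase-less tunnel key.
TUNNEL_PORT=22000
TUNNEL_KEY="$HOME/.ssh/tunnel_ed25519"

# Options to prefix the tunnel key with in ~/.ssh/authorized_keys on uni.
# restrict turns off pty, X11, agent and all forwarding; port-forwarding plus
# permitlisten re-enable a single -R listener; command= replaces any shell.
key_options() {
    printf 'restrict,port-forwarding,permitlisten="%s",command="/bin/false"' "$1"
}

# Re-run a command until it fails quickly max_tries times in a row.
# A clean exit, or a run of 60 seconds or more, resets the failure counter.
# The command is passed as arguments so the loop can be exercised without ssh.
keep_alive() {
    max_tries=$1; delay=$2; shift 2
    tries=0
    while [ "$tries" -lt "$max_tries" ]; do
        started=$(date +%s)
        if "$@" || [ $(( $(date +%s) - started )) -ge 60 ]; then
            tries=0
        else
            tries=$((tries + 1))
        fi
        sleep "$delay"
    done
    return 1
}

# The reverse tunnel from the reply, non-interactive and self-terminating:
# -N requests no session, ExitOnForwardFailure exits if port 22000 is taken,
# ServerAlive* makes ssh exit when the link is dead so the loop can reconnect.
open_tunnel() {
    ssh -N -i "$TUNNEL_KEY" -o IdentitiesOnly=yes -o BatchMode=yes \
        -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=30 -o ServerAliveCountMax=3 \
        -R "$TUNNEL_PORT:localhost:22" uni
}

# Run as "tunnel.sh start"; give up after 20 quick failures, 15 s apart.
if [ "${1:-}" = "start" ]; then
    keep_alive 20 15 open_tunnel
fi
```

The string printed by key_options goes at the start of the key's line in authorized_keys on uni, followed by a space and the public key.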