Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Kishore Karnam
December 25, 2003, 5:40 pm
rate this thread
secure using the SSH tunneling technique. Here is the client-server
model that I have:
1. Client <client_ipaddess, client_dynamic_port> sends a "connect"
message to the well-known port of the server <server_ipaddress,
2. Server forks a child process and the connection is established
between the child process <server_ipaddress, server_dynamic_port> and
the client <client_ipaddress, client_dynamic_port>.
3. The traffic will flow on the new connection between cleint and
I want to make the initial connection request traffic going from
various clients to the server as well as the actual client-to-server
traffic to be made secure using SSH tunneling.
It would seem to me that the port-forwarding featuin SSH is suitable
for static ports. For dynamic ports, is there a way I can use the port
forwarding feature easily or is there any other feature in SSH that I
I can think of a kludgy way of doing it:
When the process gets the dynamic port from the OS, it could execute
the "ssh -L .." shell command from the program to specify the dynamic
port to be forwarded.
It might work. I haven't tested it yet. But it just seems kludgy. Is
there a better way of doing it?
Thanks in advance.
Re: tunneling for dynamic ports
All you have to do is to set up the tunnel with "ssh -D <port> ...." where
port is the local listening port. Then you can start a free Socksclient
software like Hummingbird (win) or Dante (unix) or use the socksproxy
settings within youre application. The socks server is then 127.0.0.1 port
Then all youre connections will be redirected to the local listening port
and the ssh client acts as socks server. The ssh daemon at the other side
will fork and build the new connection to the target like any other socks
server. You can also restrict the target IP and port when you use ssh keys
and the keyoption that restricts the portforwarding.
There is no easyer way. The putty developer version also supports dynamic
portforwarding but the performance is poor. better use the cygwin openssh
when youre on win.
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum