two way ssh tunnel over a firewall

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi, perhaps someone here can give a tip of how to proceed or some
program that manages this:

I have an ssh server on the inside of a firewall (work machine)
I do not govern the firewall nor have any access to it.
I want to connect to my ssh-server on the inside and get a terminal

Ideas to solution (???):
Make the server create a tunnel to an outside (read: internet) host.
This host being my own machine or other server.
So, my idea is to somehow make the server establish a tunnel and
through this tunnel I should be able to ssh back to the
But HOW that would be done I do not know (I'm a rather ssh-newbie).
The problem, as I see it, is since the server does not exist on the
outside of the firewall that IT has to initiate the tunnel and at the
same time be able to receive commands back via this tunnel (ie spawn a
terminal session for me to interact with...)

Thanks in advance for any ideas

Re: two way ssh tunnel over a firewall

Quoted text here. Click to load it

If you can do outbound SSH from work to home:
    work$     ssh -N  -R 2222: home
followed by
    home$     ssh -p 2222
that should do it.

It's probably worth checking first whether they will allow this.
If their firewall is implementing a policy they expect you to follow
this could land you in hot water.

Elvis Notargiacomo        

Re: two way ssh tunnel over a firewall

Quoted text here. Click to load it

Someone else has already suggested an outbound remote port forward,
I would add that a tool like autossh may help keep the tunnel up and

Be aware that depending on your employer doing this could be a violation
of their security policy and may be grounds for disciplinary action.

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Site Timeline