Thanks a mill to Graham Wood who hit the nail on the head. On GOOFY I had to set "AllowTcpForwarding yes" in sshd_config. Cheers Loris -----Original Message----- From: Loris Serena Sent: 24 May 2006 15:21 To: 'sunmanagers@sunmanagers.org' Subject: Slightly off topic | Two-hops SSH tunnelling. Guys, Sorry for the slightly off-topic post, but I couldn't get any working suggestion from the secureshell mailing list. I managed to get the following working: > -------------------------------------------------------------------- > A firewall between SERVER and CLIENT only allows TCP port 22 from > SERVER to CLIENT (but not viceversa!) > > SERVER -------22------> CLIENT > > What I would like to achieve via ssh tunnelling is to send TCP port > 1984 traffic from CLIENT to SERVER: > > SERVER <-----1984------ CLIENT > -------------------------------------------------------------------- > > by running (on SERVER): > $ ssh -f -N -R 1984:SERVER:1984 CLIENT Now I'd like to add the next (and last) bit of the configuration to the picture: There is another firewall between CLIENT and GOOFY, again only allowing TCP port 22 from CLIENT to GOOFY (and NOT viceversa!): SERVER -------22------> CLIENT -------22-------> GOOFY What I would like to achieve via ssh tunnelling is to send TCP port 1984 traffic from GOOFY to SERVER (through CLIENT): SERVER <-----1984----- CLIENT SERVER <----------------(CLIENT)----------1984------ GOOFY Please note that the remote forwarding of 1984 from CLIENT to SERVER is already working On CLIENT, I ran `ssh -f -N -R 1984:127.0.0.1:1984 GOOFY` but testing that with telnet from GOOFY, it failed as follows: [GOOFY]$ telnet localhost 1984 Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused So, how do I do that? Any security issues I should be aware of? Thanks in advance Loris BT Communications Ireland Limited is a wholly owned subsidiary of BT Group plc Registered in Ireland, Registration No. 141524 Grand Canal Plaza, Upper Grand Canal Street, Dublin, Ireland This electronic message contains information (and may contain files) from BT Communications Ireland Limited which may be privileged or confidential. The information is intended to be for the sole use of the individual(s) or entity named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information and or files is prohibited. If you have received this electronic message in error, please notify us by telephone or email (to the numbers or address above) immediately. http://www.btireland.ie _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers BT Communications Ireland Limited is a wholly owned subsidiary of BT Group plc Registered in Ireland, Registration No. 141524 Grand Canal Plaza, Upper Grand Canal Street, Dublin, Ireland This electronic message contains information (and may contain files) from BT Communications Ireland Limited which may be privileged or confidential. The information is intended to be for the sole use of the individual(s) or entity named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information and or files is prohibited. If you have received this electronic message in error, please notify us by telephone or email (to the numbers or address above) immediately. http://www.btireland.ie _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Thu May 25 11:44:50 2006
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:58 EST