LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 11-21-2006, 04:58 PM   #1
Xeratul
Senior Member
 
Registered: Jun 2006
Location: Debian Land
Posts: 1,331

Rep: Reputation: 83
Howto do Secured ssh from port https or port80(standard) to ssh d listening port 22 ?


Howto do Secured ssh from port https or port80(standard) to ssh d listening port 22 ?
====


I guess it is call tunneling, it is not easy to do i guess for novice.

The idea: there is a pc behind a nat that wanna ssh a distant pc listening port 22. We would like it secured. Is there a way ?

Is there any hints to do so, usually on the net , it is not meant for linux newbies and too dificult. Is slow step by step detailed information would be grateful.

Thank you for your help !

xeratul

Last edited by Xeratul; 11-21-2006 at 05:02 PM.
 
Old 11-21-2006, 07:58 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,140
Blog Entries: 54

Rep: Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791
I guess it is call tunneling, it is not easy to do i guess for novice. The idea: there is a pc behind a nat that wanna ssh a distant pc listening port 22. We would like it secured. Is there a way ?
Using OpenSSH *is* secure, else it wouldn't be called Secure SHell. If you would still want to tunnel ssh this command creates a tunnel from your local port 80 to a remote server running SSH whose IP address is 10.0.1.1: "ssh -L80:127.0.0.1:22 -t -N -2 10.0.1.1". Once authenticated in another window executing "ssh -p 80 localhost 'hostname -i' " should show the remote servers IP address. Note the local port 80 is just an example since ports below 1024 can only be forwarded by root, so if you're not root try for example 8080. If you work with tunnels a lot then it's no fun running and checking them: automate it using AutoSSH. For more interesting tunnel examples and explanation: http://souptonuts.sourceforge.net/sshtips.htm.
 
Old 11-22-2006, 03:27 PM   #3
Xeratul
Senior Member
 
Registered: Jun 2006
Location: Debian Land
Posts: 1,331

Original Poster
Rep: Reputation: 83
Quote:
Originally Posted by unSpawn
I guess it is call tunneling, it is not easy to do i guess for novice. The idea: there is a pc behind a nat that wanna ssh a distant pc listening port 22. We would like it secured. Is there a way ?
Using OpenSSH *is* secure, else it wouldn't be called Secure SHell. If you would still want to tunnel ssh this command creates a tunnel from your local port 80 to a remote server running SSH whose IP address is 10.0.1.1: "ssh -L80:127.0.0.1:22 -t -N -2 10.0.1.1". Once authenticated in another window executing "ssh -p 80 localhost 'hostname -i' " should show the remote servers IP address. Note the local port 80 is just an example since ports below 1024 can only be forwarded by root, so if you're not root try for example 8080. If you work with tunnels a lot then it's no fun running and checking them: automate it using AutoSSH. For more interesting tunnel examples and explanation: http://souptonuts.sourceforge.net/sshtips.htm.
ahh

I will try with putty behind the nat ...
will be not easy to set up the putty ; we like
(another day with ssh)

Thank you
 
Old 11-22-2006, 04:20 PM   #4
Xeratul
Senior Member
 
Registered: Jun 2006
Location: Debian Land
Posts: 1,331

Original Poster
Rep: Reputation: 83
Quote:
Originally Posted by Xeratul
ahh

I will try with putty behind the nat ...
will be not easy to set up the putty ; we like
(another day with ssh)

Thank you
I have another question in the same way.
Since you are good in info, please could you let me know whether it is possible to do double tunnelling.

I wanna pass PC1 NAT tunnel ---> fully open ports PC2 linux box ssh <-------- Nat tunnel PC3

(pc == computer)
I guess that can be possible by some thinking no and experience in linux ?

Thank you for your awaited & very helpful informations !!

Xeratul
 
Old 11-23-2006, 06:09 AM   #5
Xeratul
Senior Member
 
Registered: Jun 2006
Location: Debian Land
Posts: 1,331

Original Poster
Rep: Reputation: 83
Quote:
Originally Posted by Xeratul
I have another question in the same way.
Since you are good in info, please could you let me know whether it is possible to do double tunnelling.

I wanna pass PC1 NAT tunnel ---> fully open ports PC2 linux box ssh <-------- Nat tunnel PC3

(pc == computer)
I guess that can be possible by some thinking no and experience in linux ?

Thank you for your awaited & very helpful informations !!

Xeratul

without root rights, no forward is possible.

linux & win

:-(
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables help! DROP ssh port, but allow to connect to ssh if from 2222 port kandzha Linux - Networking 4 09-13-2006 09:10 AM
ssh over port 80 but port 80 isnt available profoX Linux - Networking 4 06-01-2006 02:12 AM
Using an USB port as a standard DB9 Serial Port Lsteele Linux - Newbie 1 10-22-2005 09:48 AM
turn off http port 80, keep https port 443 lothario Linux - Networking 6 02-11-2005 04:06 AM
ssh listening on port 22 sharpie Linux - Security 9 06-08-2004 03:28 PM


All times are GMT -5. The time now is 05:55 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration