Linux - Networking
This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
I'd like to get ssh access to one box that's behind a firewall (NATed) from a box that is in another network (NATed, as well).
Supposing I can use another box that's accessible to both boxes, is there a way I can use that other box to get my (NATed) box to get ssh access to the other NATed box? Is it possible to do it with SSH tunnels?
Thanks in advance.
PS I know I could set up a VPN, but that would require using software on all the boxes and I'd really like to keep it on SSH.
I'd like to get ssh access to one box that's behind a firewall (NATed) from a box that is in another network (NATed, as well).
Can you not just add routes on each endpoint? For example
Code:
# On the first machine
[machine1:~]: route add -net 10.1.0.0 netmask 255.255.255.0 dev eth0
# On the second machine
[machine2:~]: route add -net 10.2.0.0 netmask 255.255.255.0 dev eth0
Replace "10.1.0.0" with the network of the second machine, and "10.2.0.0" with the network of the first machine.
The networks are separated. Can't just route between them (and I'm not the administrator, that's why I'm going to the "run something on the clients" solution).
I think I could set up an ssh tunnel from both NATed boxes to the public box.... but then is there one simple application I could use that could connect separate connections to 2 listening ports (or maybe one)? I mean, one application that could link together 2 client connections made on it?
I already figured out how to do what I want. I'll post a blog entry on the solution and I'll link it here.... so don't despair. You'll probably see how by the weekend.
Oh, well.... I didn't want to get Remote Desktop access to a Windows box (God forbid!). I wanted to get (and actually got) access to a SSH service... and that's plenty. :-D
That's just an example of what you can do. It's not necessarily that I wanted or needed to do that. As I said, the ultimate goal was to get SSH access to a GNU/Linux box... it's right at the beginning of the article.
If this is correct, you can SSH from "Machine 1" to "Machine 3", and then you can SSH from "Machine 3" to "Machine 2". I know it means an extra login/password combination, but it is simpler than two SSH tunnels. And if you use keys, then you can eliminate the need to type the password.
So it's impossible to reach machine 2 from machine 3 (or 1, of course).
Then how do the tunnels work?
Maybe I do not understand what you mean by "NATed". I am assuming that the firewalls are forwarding the SSH port to the "NATed" machines. If that assumption is incorrect, I would love to know exactly what is being forwarded.
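The arrangement discussed in this thread, where both NATed boxes connect outward to the one box they can both reach, can be written as OpenSSH client configuration. This is an added example, not taken from any poster or from the linked article; the relay name relay.example.org, the accounts tunnel and alice, the host aliases and port 2222 are assumptions, and ProxyJump needs OpenSSH 7.3 or later on machine 1.

```sshconfig
# ---- ~/.ssh/config on machine 2 (the NATed box to be reached) ----
# Start the tunnel with:  ssh -N relay-reverse
# This outbound connection asks the relay's sshd to listen on the relay's
# loopback port 2222 and carry whatever arrives there back down the same
# connection to machine 2's own sshd on port 22. Nothing has to be
# forwarded inbound on machine 2's firewall.
Host relay-reverse
    # assumed name of the mutually reachable box ("machine 3")
    HostName relay.example.org
    # assumed unprivileged account on the relay
    User tunnel
    RemoteForward 127.0.0.1:2222 127.0.0.1:22
    # exit rather than sit connected without the listener
    ExitOnForwardFailure yes
    # detect a NAT mapping that has silently expired
    ServerAliveInterval 30
    ServerAliveCountMax 3

# ---- ~/.ssh/config on machine 1 (the NATed client) ----
# Connect with:  ssh machine2
# ProxyJump logs in to the relay and has it open a TCP channel to
# 127.0.0.1:2222 *on the relay*, which is the listener created above.
# The SSH session that runs inside that channel terminates at machine 2's
# sshd, so machine 1 authenticates to machine 2 end to end and the relay
# only carries the encrypted stream.
Host machine2
    HostName 127.0.0.1
    Port 2222
    ProxyJump tunnel@relay.example.org
    # store and check machine 2's host key under its own name instead of
    # the ambiguous [127.0.0.1]:2222
    HostKeyAlias machine2
    # assumed account on machine 2
    User alice
```

The relay's sshd has to permit TCP forwarding for the tunnel account, and because the listener is bound to 127.0.0.1 it is reachable only by sessions on the relay itself rather than from the network.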