LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   SSH reverse pipe (https://www.linuxquestions.org/questions/linux-networking-3/ssh-reverse-pipe-792670/)

C4N4rD 03-02-2010 11:58 AM
SSH reverse pipe
 
Hi There,

I want to install a packet(emerge) on my Gentoo, but it hasn't got access to Internet.

My client has access to internet and I can connect with SSH to the Gentoo. I want to do a reverse SSH pipe between my client and my Gentoo in order to give the access to Internet.

I'm trying this :
ssh -N -R 53:localhost:53 root@IP
ssh -N -R 21:localhost:21 root@IP

I configure this on my Gentoo side in the sshd_config :
PermitOpen 0.0.0.0:*
AllowTcpforwarding yes

But the emerge does not work anymore. I forget to do something, any help appreciate.

Thanks! :)

acid_kewpie 03-02-2010 12:40 PM
The emerge? What's that got to do with SSH? And why would TCP DNS and FTP Control port access be any use? If you're trying to do DNS over it, then firstly you need UDP, not TCP, and SSH only does TCP tunnelling (not piping, pipes are very very different things). IF you do use DNS then the resulting DNS response means it's not going to use the tunnel for FTP, it's going to connect to the IP in the DNS response. And thirdly, FTP is NOT just port 21, you need to tunnel ports for FTP data as well as FTP control. You should just use HTTP really, much simpler on port 80.

C4N4rD 03-06-2010 06:30 AM
So I should use emerge with the HTTP protocol.

But what I should use to give the access to my Gentoo to the Internet with HTTP? SSH I guess...

acid_kewpie 03-06-2010 09:19 AM
HTTP is a better protocol, however you still can't make it work with a reverse SSH tunnel, as it'll only connect to port 80 of the ip defined as the destination of the pipe, and again as above you aren't doing anything in the first place to make emerge want to use the tunnel at all. Why would it connect to 127.0.0.1:80 when its trying to go to gentoo.example.com:80?

C4N4rD 03-07-2010 01:34 AM
Why I do not want that it connects on 127.0.0.1:80 it's just because this device has not got access to internet, there is no route and I can't set a route... That's why I wanted to pass through my client.

acid_kewpie 03-07-2010 02:14 AM
Yes i see that, but how do you intend to make that happen? It's fine making an ssh tunnel but if the client app isn't going to use it...

estabroo 03-07-2010 12:29 PM
You could always use an ssh interface tap/tun device, then route the destination over that interface. Take a look at the -w option for ssh


All times are GMT -5. The time now is 01:47 PM.