Multiple hop tunnel to chain port forwarding
I was having trouble setting up a db connection from my local machine to a db server that was configured to only accept connections from machines behind its own subnet. I had trouble setting up a multiple hop tunnel for chaining port forwarding through my firewall machine on the same subnet as the db. My first attempt involved two port forwards, on localhost and on the firewall machine, which didn't work for me. This approach I found at http://www.derkeiler.com/Newsgroups/.../msg00267.html involved constructing an end-to-end connection to the db via the firewall machine.
Quote:
-L construct a port forwarding tunnel
-q Quiet mode - suppresses warnings/diagnostic messages
-a Disables forwarding of the authentication agent connection (as opposed to -A which enables it)
-x Disables X11 forwarding (as opposed to -X which enables it)
-T disables pseudo-tty allocation

but I'm not clear on what the 'ssh -oproxycommand="ssh -qaxT firewall nc %h %p"' My guess about what this command does is: I'm constructing an end-to-end connection between localhost and dbserver via firewall by running the command nc %h %p on firewall - my limited understanding of netcat is it forwards host and port? Something like that? Anyway, I just want to understand what this command does, if anyone would like to comment. Thanks.
|
Try this page http://www.openbsd.org/cgi-bin/man.c...penBSD+Current and search for Proxycommand
|
Thanks, that was helpful.
|
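Added example, not part of the thread: an `~/.ssh/config` entry equivalent to the command discussed above, with comments on what each part does. The host names `firewall` and `dbserver` come from the post; the ports 5433 and 5432 are assumed placeholders for the local port and the db port.

```sshconfig
# ~/.ssh/config (added example; port numbers are assumed placeholders)

Host dbserver
    # ssh does not open a TCP connection to dbserver itself. It runs
    # this command on the local machine and speaks the SSH protocol
    # over the command's stdin/stdout. %h and %p are replaced by the
    # target host name and port (here: dbserver and 22).
    #
    # The inner ssh logs in to firewall and runs "nc dbserver 22"
    # there. nc opens a TCP connection from firewall to dbserver and
    # copies bytes in both directions. The dbserver session is
    # therefore authenticated and encrypted end to end; firewall
    # only relays ciphertext.
    #
    # -q suppresses warnings, -T skips tty allocation, and -a / -x
    # keep the agent and X11 from being forwarded to the firewall hop.
    ProxyCommand ssh -qaxT firewall nc %h %p

    # OpenSSH 5.4 and later can do the relay without nc on firewall:
    #   ProxyCommand ssh -W %h:%p firewall
    # OpenSSH 7.3 and later also accept the shorthand:
    #   ProxyJump firewall

    # The -L part: local port 5433 (assumed) is carried inside the
    # dbserver session and delivered to localhost:5432 (assumed db
    # port) as seen from dbserver, so the db sees a local client.
    LocalForward 5433 localhost:5432

    # Fail at connect time if local port 5433 cannot be bound, rather
    # than leaving a session open with no working forward.
    ExitOnForwardFailure yes
```

With this entry, `ssh -N dbserver` brings up both hops and the forward, and the db client connects to localhost:5433.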