[nflug] reverse tunnel

Cyber Source peter at thecybersource.com
Wed May 2 15:24:26 EDT 2007 

David J. Andruczyk wrote:
> no, 
> on customer's workstation they would run:
>
> ssh -R59000:localhost:5900 IP_OF_CYBERSOURCE_HOST
>
> Then you, pete on that CYBERSOURCE host would run:
> vnc localhost:59000
>
>
> */Cyber Source <peter at thecybersource.com>/* wrote:
>
>     David J. Andruczyk wrote:
>     > Ahh, OK easy:
>     >
>     > Prereq's:
>     > Cust machine MUST have SSHD running, and should be
>     > able ot initiate an SSH connection outbound to the
>     > internet.
>     >
>     > Your site needs to have a SSH-inable machine
>     > accessible via the internet, preferrably with a
>     > hostname.
>     >
>     > First off on your end..
>     > you need to have a public hostname/IP that is SSH-in
>     > able. preferrably to an isolated system with a dummy
>     > account (or ssh key, ssh key is nicer as it doesn't
>     > require the end users to type in a password, but is
>     > trickier to setup).
>     >
>     > On the workstation (customer machine)
>     > run "ssh -R:2222:localhost:22 YOUR_OUTSIDE_HOSTNAME -l
>     > support
>     >
>     > YOUR_OUTSIDE_HOSTNAME is the ssh-inable host located
>     > at your place.
>     >
>     > support is the username on that host.
>     > If you use SSH keys it'll login and give a shell
>     > prompt.
>     >
>     > The end user is now done.
>     >
>     > YOU would run "ssh localhost -p 2222 -l $USERNAME" on
>     > that host the user just logged into, use an
>     > appropriate username for the customers machine., enter
>     > the password, and you are now into the customers
>     > machine.
>     >
>     > when the user logs out of that connection, the port
>     > forward will close. NOTE: u can't do multipel port
>     > forwards to the same box to the SAME ports. (i.e. u
>     > can't work on two machines at once using this method
>     > unless you have them use alternative ports. (i.e.
>     > 2222,2223, 2224)
>     >
>     > --- Cyber Source wrote:
>     >
>     >
>     >> David J. Andruczyk wrote:
>     >>
>     >>>> how about a succinct reverse ssh howto there
>     >>>>
>     >> buddy?
>     >>
>     >>>> I want to set this
>     >>>> up on our dumps.
>     >>>> __________________________
>     >>>>
>     >>>>
>     >>> Not sure what exactly u mean. Do you want to know
>     >>>
>     >> how
>     >>
>     >>> to do an SSH port tunnel? (i.e. ssh -L, or ssh -R)
>     >>>
>     >>>
>     >>>
>     >>>
>     >>>
>     >>> -- David J. Andruczyk
>     >>>
>     >>> __________________________________________________
>     >>> Do You Yahoo!?
>     >>> Tired of spam? Yahoo! Mail has the best spam
>     >>>
>     >> protection around
>     >>
>     >>> http://mail.yahoo.com
>     >>> _______________________________________________
>     >>> nflug mailing list
>     >>> nflug at nflug.org
>     >>> http://www.nflug.org/mailman/listinfo/nflug
>     >>>
>     >>>
>     >>>
>     >> I want to be able to put an icon on my dump(s)
>     >> desktop so that people
>     >> that need help can use with me to be able to get
>     >> back into them, whether
>     >> they are behind a router or not, just like
>     >> webex/gotomeeting does in
>     >> windows land.
>     >> _______________________________________________
>     >> nflug mailing list
>     >> nflug at nflug.org
>     >> http://www.nflug.org/mailman/listinfo/nflug
>     >>
>     >>
>     >
>     >
>     > -- David J. Andruczyk
>     >
>     > __________________________________________________
>     > Do You Yahoo!?
>     > Tired of spam? Yahoo! Mail has the best spam protection around
>     > http://mail.yahoo.com
>     > _______________________________________________
>     > nflug mailing list
>     > nflug at nflug.org
>     > http://www.nflug.org/mailman/listinfo/nflug
>     >
>     >
>     Ok, just getting around to reading this. So, theoretically, if I
>     should
>     change the -R:2222 to -R:5900, I should be able to vnc into them,
>     correct?
>     _______________________________________________
>     nflug mailing list
>     nflug at nflug.org
>     http://www.nflug.org/mailman/listinfo/nflug
>
>
>
>
> -- David J. Andruczyk
>
> ------------------------------------------------------------------------
> Ahhh...imagining that irresistible "new car" smell?
> Check out new cars at Yahoo! Autos.
> <http://us.rd.yahoo.com/evt=48245/*http://autos.yahoo.com/new_cars.html;_ylc=X3oDMTE1YW1jcXJ2BF9TAzk3MTA3MDc2BHNlYwNtYWlsdGFncwRzbGsDbmV3LWNhcnM->
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
>   
That's what I meant. I presume you mean 5900 where you have 59000 as well.
_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug

More information about the nflug mailing list