Reverse SSH tunneling

Deron Meranda deron.meranda at gmail.com
Mon Jan 31 15:08:53 UTC 2005


On Mon, 31 Jan 2005 08:33:38 -0600, m g <tsilims at gmail.com> wrote:
> I'm trying to set up reverse ssh tunneling between two boxes, one
> behind a firewall (the box I want to SSH to) and one that isn't (which
> is ssh'able).
> 
> I've found ssh -R, but I'm wondering if there's a better way to do
> this than leaving my user constantly logged in to both servers ...
> specifically, I'm thinking that this is a security risk.  Any ideas?

It depends on what you are reverse forwarding.  You can just
reverse another ssh (port 22) in the reverse direction.

Also use the -N option on the first ssh, as that effectively disables
any commands the outer ssh can send, and only allows inner
tunnel traffic.

Also set up another user to login with for the first ssh; a user that
otherwise has very little or no permissions to anything on your
system.

-- 
Deron Meranda
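
Added example, not part of the original message: one way to apply the three suggestions above (reverse-forward port 22, use -N, log in as a dedicated low-privilege user) and to enforce the same limits on the public box through the tunnel key's authorized_keys options. The account name revtunnel, the host public.example.org, port 2222 and the sample key are assumptions.

```shell
#!/bin/sh
# Added example. Assumed names (not from the post): account "revtunnel",
# host public.example.org, loopback port 2222 on the public box.
TUNNEL_USER=revtunnel
PUBLIC_HOST=public.example.org
LISTEN_PORT=2222

# Command for the firewalled box. -N: run no remote command, -T: no tty,
# -R: localhost:2222 on the public box leads back to this box's sshd (22).
tunnel_command() {
    printf 'ssh -N -T -o ExitOnForwardFailure=yes -o ServerAliveInterval=30 -R localhost:%s:localhost:22 %s@%s\n' \
        "$LISTEN_PORT" "$TUNNEL_USER" "$PUBLIC_HOST"
}

# authorized_keys entry for the tunnel account on the public box. sshd never
# sees -N, so the key is limited server-side: restrict switches everything
# off, port-forwarding re-enables forwarding, permitlisten allows only this
# one -R listener, and command= stops the key from running anything else.
authorized_keys_line() {    # $1 = public key of the firewalled box
    printf 'restrict,port-forwarding,permitlisten="localhost:%s",command="/bin/false" %s\n' \
        "$LISTEN_PORT" "$1"
}

# Audit one authorized_keys line (ssh-*, ecdsa-* and sk-* key types only):
# prints the missing restrictions and returns 1 if the key is not locked down.
audit_line() {
    case $1 in
        ssh-*|ecdsa-*|sk-*) opts="" ;;      # starts with key type: no options
        *) opts=${1%% ssh-*}; opts=${opts%% ecdsa-*}; opts=${opts%% sk-*} ;;
    esac
    missing=""
    case ",$opts," in *,restrict,*) ;; *) missing="$missing restrict" ;; esac
    case $opts in *permitlisten=*) ;; *) missing="$missing permitlisten" ;; esac
    case $opts in *command=*) ;; *) missing="$missing command" ;; esac
    [ -z "$missing" ] && return 0
    echo "missing:$missing"
    return 1
}

# Constructed sample key (not a real key) to show the generated pieces.
SAMPLE_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleConstructedKeyOnly tunnel@inside'
tunnel_command
authorized_keys_line "$SAMPLE_KEY"
audit_line "$SAMPLE_KEY" || true     # bare key: reports all three missing
```

Once the tunnel is up, `ssh -p 2222 user@localhost` on the public box reaches the firewalled box's sshd, where `user` stands for an account on that box.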



