reverse SSH / SSH over NAT traversal

Jeffrey Ross jeff at bubble.org
Wed Sep 5 21:00:32 UTC 2007


> Jeffrey Ross wrote:
>>
>>
>> Konstantin Svist wrote:

>>>
>> I've never tried using chroot for anything, but to handle the ssh issue,
>> have the user enter the command:
>>
>> ssh -R 12345:127.0.0.1:22 username@yourhost
>>
>> Have the user log in.  At this point you can enter:
>>
>> ssh -p 12345 username@127.0.0.1
>>
>> where username is the username on your client's machine.
>>
>> If you want to take it one step further you can enter:
>>
>> ssh -D 4567 -p 12345 username@127.0.0.1
>>
>> now your local machine is running as if it's a SOCKS proxy and any
>> software that can be told to use a proxy will be able to connect to
>> the remote network, set the proxy host to be 127.0.0.1 and the port to
>> be 4567 (you can adjust the port if you like)
>>
>> What I do for my own use is use the "-D" option and a program I found
>> called "connect"
>> http://www.taiyo.co.jp/~gotoh/ssh/connect.c
>> and then put in ~/.ssh/config these two lines:
>>
>> host 10.*
>> ProxyCommand /usr/local/bin/connect -4 -S 127.0.0.1:4567 %h %p
>>
>> you can do "host *.foo.com" as well and it will match anything in the
>> .foo.com domain.
>>
>> Now every time I type "ssh username@10.x.x.x" it automatically proxies
>> my connection if the ssh tunnel is up.
>>
>> Jeff
>
> Doesn't allowing the other user to create an SSH tunnel lower your
> security? They might append a -L option (when they do ssh -R) and -
> presto - they have unfirewalled access to your ports. Granted, this is
> usually not an issue when users on the other side are newbies - but if
> you get used to this technique and use it when it's not safe... you get
> the point
>
I didn't say it provided security; it does allow you to get around
firewalls and NAT translations.  It also shows that a firewall should not
be your only line of defense as it can easily be defeated by
well-intentioned uses.
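
The -L concern raised in the quoted reply can be narrowed on the server the remote user logs in to ("yourhost"). The following is an added example, not part of the original message: an sshd_config Match block that permits only the -R listener on port 12345 from the thread. The account name "tunneluser" is a hypothetical placeholder, and PermitListen assumes OpenSSH 7.8 or later.

```sshd_config
# /etc/ssh/sshd_config on "yourhost" (the machine the remote user connects to).
# "tunneluser" is a hypothetical account name used only for this illustration.

# OpenSSH defaults that make the -L / -D concern real (shown for comparison):
#   AllowTcpForwarding yes     # -L, -R and -D are all permitted
#   PermitOpen any             # -L/-D may reach any host:port the server can
#   PermitListen any           # -R may bind any unprivileged port

Match User tunneluser
    # Allow only remote (-R) forwarding; -L and -D requests are refused.
    AllowTcpForwarding remote
    # The only port a -R request may listen on (the port used in the thread).
    PermitListen 12345
    # No outbound destinations, even if forwarding is widened later by mistake.
    PermitOpen none
    # Keep the -R listener bound to loopback so only local users can reach it.
    GatewayPorts no
    # Close the other forwarding channels this account does not need.
    AllowStreamLocalForwarding no
    AllowAgentForwarding no
    X11Forwarding no
    PermitTunnel no
```

Check the file with `sshd -t` before reloading; `sshd -T -C user=tunneluser` prints the settings that take effect for that account.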



