Remote access
Marko Vojinovic
vvmarko at gmail.com
Fri Oct 14 11:26:00 UTC 2011
On Friday 14 October 2011 05:32:23 Scott Rouse wrote:
> On Oct 14, 2011 12:13 AM, "KC8LDO" <kc8ldo at arrl.net> wrote:
> > Is there a way to use ssh to get through a firewall for remote access to
> > a system? The situation I'm looking at is a Fedora system sitting behind
> > a company firewall, which I have no control over, that I wish to gain
> > access to by logging into it over the Internet from a remote computer.
> > In other words the connection is initiated from outside of the
> > firewalled company network.
>
> There are many companies that would frown upon doing what you are
> proposing. I would suggest that you talk to your network/firewall admin
> and see if they will make an allowance for you.
True, and that is usually the best option. The drawback being that you are
putting yourself at mercy of the firewall admin, who might be lazy,
incompetent, or ignorant (which is sometimes the case), or have a boss that is
one of those things (which is the case quite often).
However, every serious firewall admin should know that the firewall is a one-way
barrier, protecting local users from the outside attack, and having in
principle no way to protect the outside world from the local user. Or in the
words of the firewall-piercing HOWTO
( http://tldp.org/HOWTO/Firewall-Piercing ):
<quote>
A firewall cannot protect a network against its own internal users, and should
not even try to.
</quote>
So, if the OP asks his admin to allow him the access, and is refused, I think
it is perfectly legitimate to DIY and pierce a connection through.
Best, :-)
Marko
More information about the users
mailing list