Re: Remote administration of a machine behind NAT

To: debian-user@lists.debian.org
Subject: Re: Remote administration of a machine behind NAT
From: "nate" <debian-user@aphroland.org>
Date: Tue, 9 Sep 2008 12:52:19 -0700 (PDT)
Message-id: <[🔎] 1626.65.102.144.193.1220989939.squirrel@webmail.linuxpowered.net>
In-reply-to: <[🔎] 20080909193529.GC20086@think.homelan>
References: <[🔎] 20080908214821.GH12444@think.homelan> <[🔎] 20080909193529.GC20086@think.homelan>

Andrei Popescu wrote:
> On Tue,09.Sep.08, 00:48:21, Andrei Popescu wrote:
>> Hi,
>>
>> Recently my mother (running Lenny) switched ISPs and is now behind a
>> NAT, which makes direct ssh access impossible. A reverse ssh tunnel can
>> solve this, but having her type a passphrase every time is hmm...
>> unrealistic.

How about using a SSH agent ? type the passphrase once for the
session.

This describes ssh agent and agent forwarding pretty well:
http://www.unixwiz.net/techtips/ssh-agent-forwarding.html


> command="/bin/true"[..]
>
> Can anyone spot a possible attack vector?

Does that work? I would expect SSH to execute /bin/true and
then exit, the connection would close at that point.

nate

Reply to:

Follow-Ups:
- Re: Remote administration of a machine behind NAT
  - From: Andrei Popescu <andreimpopescu@gmail.com>

References:
- Remote administration of a machine behind NAT
  - From: Andrei Popescu <andreimpopescu@gmail.com>
- Re: Remote administration of a machine behind NAT
  - From: Andrei Popescu <andreimpopescu@gmail.com>

Prev by Date: cgi-bin stopped working in apache ?! please help
Next by Date: Re: grammar tool in linux ... perhaps in emacs
Previous by thread: Re: Remote administration of a machine behind NAT
Next by thread: Re: Remote administration of a machine behind NAT
Index(es):
- Date
- Thread