[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: More (more) SSH Fun (X11 forwarding)

Jan Niehusmann <jan@debian.org> writes:

>Another possible solution would be:
>
>ssh -L 2000:remotehost:22 firewall
>
>and then, again on the local machine:
>
>ssh -X -p 2000 localhost
>(here you may get a warning about unknown/wrong host keys, because the
>daemon you are connecting to is, of course, not presenting the host key
>of localhost)

Yet another solution is to use ssh config option ProxyCommand. E.g.,

 local$ ssh remotehost -o 'ProxyCommand ssh firewall nc %h %p'

ProxyCommand runs ssh to connect machine firewall and starts netcat
there to connect to the actual remotehost sshd. (%h expands to
remotehost and %p to ssh port.)

See ssh(1) or ssh_config(5) manual pages for more info on
ProxyCommand.

ProxyCommand is especially handy if you set up it in ~/.ssh/config
file, e.g.,

Host remote-direct
 HostName remote.somewhere
 ProxyCommand ssh firewall %h %p

After this you can use scp/cvs/rsync or whatever with remote-direct as your
hostname.


-- 
Timo Lilja

"Objects are a poor man's closures."  -- Norman Adams


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: