[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

SSH through firewall

Hi, do not be so sure :)

On Thu, Aug 15, 2002 at 06:57:44PM -0500, Hall Stevenson wrote:
> * Paul Johnson (baloo@ursine.dyndns.org) [020815 18:44]:
> > 
> > On Thu, Aug 15, 2002 at 01:11:01PM -0400, Hall Stevenson wrote:
> > > Note: I'm only half-serious in all of this bickering back and
> > > forth. I use mutt at home, but here, I don't have that option.
> > > Don't suggest I get a different job that allows me to use linux or
> > > anything non-MS either please.
> >
> > Why not ssh to your home box? You get the additional bonus of
> > potentially non-work-related email not going to your work account,
> > too, then...
> Not possible... Proxy/firewall only allows ports 21, 80, 110, and 443
> (https ??) and maybe some other(s) that I haven't discovered. Hell, port
> 110 was blocked for a while so I had to use Mindspring's web-based mail
> program. It was horrid.

You are actually explaining it is possible.  Run SSH daemon at 80 or 443
which you do not use at your home machine. Keep the machine connected to
internet one-way-or-the-other.  (Do you have needs to run these server
servicing Internet? I guess not.  DNS is another server port which is
accessible through firewall.  You can run BIND on non-gateway machine
within LAN.)

Now you can access everything at home through SSH.

I agree your point on fighting firewall policy.  It is useless.

My advice to you is more about general company policy issues.  Please
make sure not to violate general company policy on company property use
and work hour use.  Although technically possible to poke through
firewall, poking hole through firewall are sometimes considered

~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ +++++
 Osamu Aoki @ Cupertino CA USA
 See "User's Guide":     http://www.debian.org/doc/manuals/users-guide/
 See "Debian reference": http://www.debian.org/doc/manuals/debian-reference/
 "Debian reference" Project at: http://qref.sf.net

 I welcome your constructive criticisms and corrections.

Reply to: