Re: can a SSH server initiate a connection?
On Sun, Aug 01, 2004 at 08:08:16PM +0100, rich wrote:
> I have a (woody) box running sshd sitting behind a firewall. From
> outside the firewall, I want to be able to ssh in.
> I can see that I could get around the firewall if the connection was
> initiated from within the firewall, ie. if somehow the person could
> give a command on the server which somehow connects to the would-be
> client, and then allows the client to take over as a normal ssh
> any clues? ideas?
Do you control firewall?
If yes : use DNAT to redirect external connection to SSH server
(if firewall is NAT box)
or open port 22 and forward connectio to internal hosts
If no but still legally OK to connect from outside:
Does internal host accessible from other means
* can you recieve mail and mail is processed with procmail
* do you have dial-in modem connected to pc
--> use these to initiate process which
connects from inside to outside with SSH. If
needed using open port such as 80 or even DNS one and operate
special SSHD on the other side listning to that port.
Then set up port forwarding or so.
-->Connect through SSH tunnel backward from outside to inside.
But why connect from outside of firewall if firewall prevent you to do
so. Maybe that is a bigger question :)