Re: port forwarding without using ssh
Hi.
On 2009年11月12日 07:53, green wrote:
> Zhang Weiwu wrote at 2009-11-10 20:36 -0600:
>
>> Hello. I have a remote server inside a remote office covered by NAT
>> masquerade where port forwarding not possible, and a local server in my
>> local office not covered by NAT masquerade. In order to access the
>> remote office and hosts in that office, I do this:
>>
>> On remote office server, in a screen session I run
>> $ ssh -R .... local_server
>>
>> On my own office, I try to connect to mapped ports on local_server.
>>
>> The problem of this solution is security. I do not want to grant shell
>> access of local_server to remote_server. What would you recommend me to
>> do in this case? I could try to limit access of the account used by
>> remote server ssh -R, but should I?
>>
> You might want to check out apf-server and apf-client packages. I use these to
> provide access between masqueraded systems using an intermediary system.
> Server runs on the intermediary and client on the system to be connected to.
> System connected _from_ connects to client through a port on the server.
>
Thank you! Now that I tried it, te apf-client package proved very useful
in my case. I followed your advice almost a year later because I was too
busy with daily business and kept your email as "marked for personal
todo" for a year or so.
Reply to: