[Courses] [Security] Port forwarding with SSH andipchains/iptables
Raven, corporate courtesan
raven at oneeyedcrow.net
Thu Mar 21 16:05:48 EST 2002
Heya --
Quoth jennyw (Wed, Mar 20, 2002 at 07:41:48PM -0800):
> With SSH port forwarding, if a connection gets closed for whatever reason,
> is there a way to reestablish it automatically? If not, then I can see how
> IPSEC might be better.
There's no such beast native to SSH, but you could script one
up. (Lots of the ssh stuff that I use required a bit of scripting. If
you're using ssh for purposes like this, I would highly recommend
getting the O'Reilly "SSH: The Definitive Guide" and reading the last
four chapters or so. They give examples of ssh being used for automated
tasks, and how to make it easier on yourself. I didn't notice anything
on keeping a persistent connection up, but there's lots dealing with
other issues you may not have thought of. (Authentication -- how to do
it without either having no passwords on the connection (bad) or keeping
the password stored in a file on the computer (also bad). Things like
that.)
I don't actually know what would happen if the ssh connection
got cut off but the Net connection didn't when port forwarding. I
*think* it would try to re-establish when it got the next forwarded
packet, but that's totally a guess. I'd have to try it and fire up the
packet sniffer to see what happened. (In my Copious Spare Time.)
Cheers,
Raven
"And then we release the killer bees, with dogs in their mouths!"
-- ChrisJ, on "get away from my router" tactics
More information about the Courses
mailing list