[Techtalk] access to intranet over ssh?
Caroline Johnston
johnston at biochemistry.ucl.ac.uk
Sun Oct 24 11:17:44 EST 2004
Hi,
Thanks Almut. That's exactly what I wanted to do. I can get at all my cgi
scripts and all of the other internal pages and all the journals I have
access to from work but not from home. Lovely.
Just to check I haven't done something stupid that'll cause IT guys at
work to hunt me down and hurl scathing comments in my general direction,
could someone have a look at the following description of how I set this
up and see if there're any glaring problems?
On workbox behind the firewall, installed new apache in my home directory.
Made an httpd.conf file which contained:
ServerRoot "/home/bsm/johnston/apache2proxy"
Listen 8008
User nobody
Group nobody
ProxyRequests On
ServerName bsmlx17.biochem.ucl.ac.uk:8008
Is this config safe? I read that it's important to be careful with forward
proxies cos people can use them to hide their own IP addresses, but I
figured it didn't matter in this case cos you can't get at the proxy from
outside anyway. Is this rubbish?
ran apachectl start
On my home machine, used putty for ssh:
In session window host=bsmcha1.biochem.ucl.ac.uk port=22 protocol=SSH
In tunnels Source port = 8008 Destination=bsmlx17:8008
Hit Add
Save the session
Hit open
login to bsmcha1
In firefox Tools > Options > General > Connection Settings...
check "manual proxy configuration"
http proxy=localhost ;port=8008
hit ok
And according to www.whatsmyip.org my requests are coming from bsmlx17.
All sound ok?
Thanks again,
Cxx
More information about the Techtalk
mailing list