[Techtalk] url port forward?
overhaul at littledeath.net
Fri Oct 1 19:42:23 EST 2004
my husband tried to sell me on this idea but I couldn't see how it would
work. For some reason I couldn't see how it would work if I wasn't
running apache at point B I have a couple workstations in location B but
I have to ssh thru a checkpoint first before getting to it.
I used to do this to connect to my imap server running on my personal
workstation but can't remember how I did that... (my brain hurts)
... but, I'd have to create an ssh tunnel from point C(home) to point
B.1 then from B.1 to B.2 THEN try to access localhost:443 in location
C... I remember it was cumbersome back then... and am not really
looking forward to doing that again. :(
I may have to resort to that in the end if it came down to it.
Rachel McConnell wrote:
> Hi overhaul,
> There is another potential solution to this situation, assuming you have
> an account on server B, which is an SSH tunnel. Advantage to this is
> that it only requires setup on your home machine C, not on server B -
> unless server B doesn't have an SSH server which would be surprising.
> You do it like this:
> $ ssh -L 80:server.A:80 yourusername at server.B
> and enter your password on server B when prompted. (As with any ssh
> session, if your username on C is the same as on B, you can leave out
> the yourusername@ bit.)
> Then from your machine you can access server A as 'localhost'. (If you
> need to use a different hostname for some reason, you can pick one and
> put it in your hosts file as an alias for 127.0.0.1)
> To break down the command line bit:
> the -L option tells ssh to set up an outgoing tunnel
> the 80's are the ports on your machine and on server A (I don't remember
> which is which and am too lazy to look it up)
> the bit in between the 80's, "server.A", is a reference to server A as
> server B would resolve it. This bit was confusing to me for a while,
> but it's just as if you logged onto server B, and then went to ping,
> telnet, scp, wget, etc. to server A. Use the same name or IP address
> you would with any of those other tools.
> finally, yourusername at server.B simply says what machine to ssh TO.
> The ssh tunnel will stay open as long as you keep the shell open, so you
> could conceivably do this once and it'll stick until you shut down or go
> offline. Otherwise, just set up the tunnel at the start of your online
> session. You might be able to set it up to tunnel automatically when
> you log on - someone else will have to advise on this part, though!
> Disclaimer: I've done this a LOT in my own office/home setup, but there
> may be something about your setup that makes this solution non-optimal
> or even impossible, that I might have missed. I'm really not very
> knowledgable about networking in general, I just happen to do this
> specific thing constantly!
More information about the Techtalk