[Techtalk] url port forward?

overhaul overhaul at littledeath.net
Fri Oct 1 19:42:23 EST 2004

my husband tried to sell me on this idea but I couldn't see how it would 
work.   For some reason I couldn't see how it would work if I wasn't 
running apache at point B I have a couple workstations in location B but 
I have to ssh thru a checkpoint first before getting to it.

I used to do this to connect to my imap server running on my personal 
workstation but can't remember how I did that...    (my brain hurts)

...  but, I'd have to create an ssh tunnel from point C(home) to point 
B.1 then from B.1 to B.2 THEN try to access localhost:443 in location 
C...     I remember it was cumbersome back then...  and am not really 
looking forward to doing that again.   :(

I may have to resort to that in the end if it came down to it.

Rachel McConnell wrote:
> Hi overhaul,
> There is another potential solution to this situation, assuming you have 
> an account on server B, which is an SSH tunnel.  Advantage to this is 
> that it only requires setup on your home machine C, not on server B - 
> unless server B doesn't have an SSH server which would be surprising.
> You do it like this:
> $ ssh -L 80:server.A:80 yourusername at server.B
> and enter your password on server B when prompted.  (As with any ssh 
> session, if your username on C is the same as on B, you can leave out 
> the yourusername@ bit.)
> Then from your machine you can access server A as 'localhost'.  (If you 
> need to use a different hostname for some reason, you can pick one and 
> put it in your hosts file as an alias for
> To break down the command line bit:
> the -L option tells ssh to set up an outgoing tunnel
> the 80's are the ports on your machine and on server A (I don't remember 
> which is which and am too lazy to look it up)
> the bit in between the 80's, "server.A", is a reference to server A as 
> server B would resolve it.  This bit was confusing to me for a while, 
> but it's just as if you logged onto server B, and then went to ping, 
> telnet, scp, wget, etc. to server A.  Use the same name or IP address 
> you would with any of those other tools.
> finally, yourusername at server.B simply says what machine to ssh TO.
> The ssh tunnel will stay open as long as you keep the shell open, so you 
> could conceivably do this once and it'll stick until you shut down or go 
> offline.  Otherwise, just set up the tunnel at the start of your online 
> session.  You might be able to set it up to tunnel automatically when 
> you log on - someone else will have to advise on this part, though!
> Disclaimer: I've done this a LOT in my own office/home setup, but there 
> may be something about your setup that makes this solution non-optimal 
> or even impossible, that I might have missed.  I'm really not very 
> knowledgable about networking in general, I just happen to do this 
> specific thing constantly!
> Rachel

More information about the Techtalk mailing list