[Techtalk] Help me ObiWan Linuchix...

Elwing elwing at elwing.org
Thu Oct 25 18:42:59 UTC 2007

On Oct 25, 2007, at 2:21 PM, Sarah Huffman wrote:

> Any thoughts about ways I could bounce my users in? I've been
> thinking about tunneling one sshd through the other.. but haven't
> tried it yet.
> Y'all tend towards brilliance, I'd appreciate any ideas.

A remote SSH tunnel is probably your best bet.    Your programmers  
would have to have access to the machine you're running the tunnel  
on.  By default the SSH tunnel will only listen on local host, so  
they'd have to bounce to the external machine, then open a connection  
from there to localhost that gets forwarded on to you.

1.  Set up a remote tunnel on the box you want them to have access  
to: ssh -R <port on remote machine>:localhost:<port on localmachine>  
<outside machine>

By default, SSH will only listen on localhost, you can use datapipe  
(http://www.freshports.org/net/datapipe) to "fix" that.  But realize  
that unless you have a firewall to protect that port, anyone who  
connects to that port will be tunneled to the machine "inside".

Some more details can be found at http://kerneltrap.org/node/884

Good Luck!

More information about the Techtalk mailing list