Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi everyone
i have the need to connect via SSH a machine that is behind a firewall and a nat,
which i can't change, open ports and so on.
how can i do that?
i was thinking to something like a script that checks if the ssh tunnel is on, otherwise tries to connect to my external machine, but i have no clue how to set ssh server to connect like "active mode".
moreover everything should be using RSA key auth..
in short the problem is this:
machine A is at my home
machine B is at work
machine B is behing a firewall and a nat which i can't change
i want to be able to control machine B from machine A.
how to do? is it possible?
Distribution: BeOS, BSD, Caldera, CTOS, Debian, LFS, Mac, Mandrake, Red Hat, Slackware, Solaris, SuSE
Posts: 1,761
Rep:
Quote:
i have the need to connect via SSH a machine that is behind a firewall and a nat, which i can't change, open ports and so on.
If the firewall won't allow port 22 connections and/or redirect SSH connections to a host behind the firewall, then you can't connect. You'd have to talk to your work System/Network Admin to see if either they will allow the SSH connection or possibly they have VPN access. Maybe some else has another idea?
A solution would be that the machine B checks periodically a http page, to give it a triggering to start a ssh on your port 80 or 8080 of your home machine A. Or reverse ssh ...?
(I suppose machine B has only 80 or 8080 as open ports)
No ideas much, but that could be possible for any Pros !
thanks slackdaemon
that is exactly what i was studying yesterday..
ssh -f -R 1234:localhost:22 user@remote.host in fact i am free to have outbound connections..
i wanted crond to check every hour for example that the ssh tunnell is still on, then if not restore it..
of course i should use RSA key with no passphrase..
how can i set crond? and what about rsa with no passphrase? would it be a security issue?
suggestions?
ps: i need some security so reverse-shell is out of question (also cuz i can't install apache or lightppd) but since i don't have any knowledge about cryptcat..i can't choose it..
would it be good for this case?
Last edited by assasukasse; 06-17-2007 at 08:20 AM.
thanks slackdaemon
that is exactly what i was studying yesterday..
ssh -f -R 1234:localhost:22 user@remote.host in fact i am free to have outbound connections..
i wanted crond to check every hour for example that the ssh tunnell is still on, then if not restore it..
of course i should use RSA key with no passphrase..
how can i set crond? and what about rsa with no passphrase? would it be a security issue?
suggestions?
ps: i need some security so reverse-shell is out of question (also cuz i can't install apache or lightppd) but since i don't have any knowledge about cryptcat..i can't choose it..
would it be good for this case?
Are you sure that you can have this outbound port 22 through the firewall ? They usually block it. ...
Im am curious why they didnt just allow port 80/8080 for surfing only.
yes i am sure since i connected with ssh to my home machine..
i am experimenting with cryptcat, and i am able to connect a remote server.
however i am unable to start any command..but every command i issue is echoed in the remote window..
i started a listening server with
cryptcat -l -vv -p 1350 -k password on my home machine
then
on the remote
cryptcat -k password hostname_of_my_home 1350
it does connect, but i can't launch any command
ok i found why, debian cryptcat doesn't support the -e command..
so is cut out, even if it was perfect for the use i need..
Last edited by assasukasse; 06-17-2007 at 09:10 AM.
Hi everyone
i have the need to connect via SSH a machine that is behind a firewall and a nat,
which i can't change, open ports and so on.
how can i do that?
I was thinking that a VPN program like Hamachi would be great for this, but you would need admin. privileges on the work system to install Hamachi. You could try talking to your Network/Sys. Admin. and see if they'd approve of a VPN program. If not, then I'm afraid I'm out of ideas for the moment.
i do have admin privilege on my work system
i don't have privileges to stop change or open ports on the university NAT-firewall
I will give a look into hamachi, when i get how it works..
hamachi is still super bothersome..
having to create and user, to chmod a file..
what if i am not on pc, and it reboots?
i should make a script..
then i can just script ssh...
I will consider hamachi for multiple user connected to a virtual network, otherwise is no need to bother.
Last edited by assasukasse; 06-17-2007 at 03:53 PM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.