Home arrow Site Administration arrow Page 6 - Secure Tunnelling with SSH

Any Port In A Storm - Administration

You probably already know how to use SSH to securely log in toremote hosts over the Web. In this article, take things a little further byusing SSH to encrypt connections to other ports as well. Scenarios coveredinclude securing your mail server connection so that your mail password isalways protected and creating secure pathways through firewalls for trustedhosts.

TABLE OF CONTENTS:
  1. Secure Tunnelling with SSH
  2. Kicking The Tyres
  3. Test Drive
  4. Et Tu, Brute?
  5. No Forwarding Address
  6. Any Port In A Storm
  7. Remote Control
  8. In And Out
  9. Log Out
By: icarus, (c) Melonfire
Rating: starstarstarstarstar / 29
April 02, 2003

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement
One of the things that frequently goes unmentioned when discussing SSH port forwarding - perhaps because it's not so obvious at first glance - it that you can use the remote host to forward connections to *any* other named host (not just to itself) on the network.

If you look at the example on the previous page again,
[me@olympus] $ /usr/local/ssh/bin/ssh -L 9000:localhost:110 brutus
you will notice that I am using the remote host "brutus" to open connections to port 9000 on a host named "localhost". Since "brutus" automatically resolves the host name "localhost" to itself, I could also write the command above as
[me@olympus] $ /usr/local/ssh/bin/ssh -L 9000:brutus:110 brutus
and obtain an equivalent result.

This opens up an interesting possibility - using an SSH connection between two hosts to create a connection to a third host. Can it be done? Yes indeedy - take a look:
[me@olympus] $ /usr/local/ssh/bin/ssh -L 9001:medusa:25 brutus
In this case, all connections made to port 9001 on my local machine "olympus" will automatically get forwarded to port 25 (the SMTP port) on the new host "medusa" via the host "brutus". Try it and see for yourself:
[me@olympus] $ telnet localhost 9001
Trying 127.0.0.1...Connected to localhostEscape character is '^]'.220 medusa.domain.com ESMTP Sendmail 8.9.3/8.9.3; Fri, 28 Mar 2003 11:11:44+0530 
Neat, huh?

 
 
>>> More Site Administration Articles          >>> More By icarus, (c) Melonfire
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

SITE ADMINISTRATION ARTICLES

- Coding: Not Just for Developers
- To Support or Not Support IE?
- Administration: Networking OSX and Win 7
- DotNetNuke Gets Social
- Integrating MailChimp with Joomla: Creating ...
- Integrating MailChimp with Joomla: List Mana...
- Integrating MailChimp with Joomla: Building ...
- Integrating MailChimp with Joomla
- More Top WordPress Plugins for Social Media
- Optimizing Security: SSH Public Key Authenti...
- Patches and Rejects in Software Configuratio...
- Configuring a CVS Server
- Managing Code and Teams for Cross-Platform S...
- Software Configuration Management
- Back Up a Joomla Site with Akeeba Backup

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: