I'm bit new this feature as well, and I find this situation bit
irritating. the same bounce off box can be used to tunnel any part but
in my understanding to tunnel a privilege port (<1024) from a middle
box you'll need to do it with the root user of the ssh proxy. So
following command will looks like...

$ ssh root$SSHPROXY -L993:MAILSERVER:2993

may be someone can give a logical explanation to this.


On 8/24/07, Johannes Graumann wrote:
> Hello all,
> I have a hard time getting the following situation sorted out and would
> appreciate any input to solve it.
> I'm in a firewalled LAN which provides a ssh-proxy to access outside machines
> which I have to use like so:
> 1) build tunnel
> ssh ProxyUser@SSHPROXY -L 2022:OUTSIDEBOX:22
> 2) make connection
> ssh -X OutsideboxUser@localhost -p 2022
> What I now wish to do is to access an outside mailserver (especially port 993)
> through this proxy and am stuck how to conceptually do this - build another
> tunnel through the tunnel?
> If anybody can nudge me in the right direction, I would be very grateful.
> Johannes

Disclaimer: Views expressed in this mail are my personal views and
they would not reflect views of the employer.