David: Among other tricks which can be played with SSH tunnels (for
good or ill, just the facts) are that if you set up your external host
to do "GatewayPorts yes" and open its firewall, you could accidentally
(or intentionally, from your ITSec group's point of view) allow anyone
in the world to connect to your external host and traverse your SSH
tunnel, in reverse, to the inside of your corporate LAN.

"Security risk" is always a subjective decision made by your IT Security
group based on your organization's priorities, assets, data, etc. -- but
my guess would be that if they feel it's a risk, it's probably due to
your potential to bypass corporate firewalls for incoming traffic.

David M. Kaplan wrote:
> Hi,
> My IT department is really heavy on security. From outside the
> building, they have a rather complex system setup so that you can get
> around the firewall and ssh into a single machine. From there, you have
> to ssh into the machine you want to use.
> To simplify things, I have been using a tunnel to hop from my machine
> directly (through the tunnel) to the machine I want to use in the
> building. This has worked fine until a couple of days ago when IT
> decided to prohibit tunneling for "security reasons" (attempting to use
> the tunnel now responds with "channel 3: open failed: administratively
> prohibited: open failed"). This has made it almost impossible to work
> with the system.
> What I am wondering is exactly what "security risk" does an ssh tunnel
> pose? I thought you used an ssh tunnel to enhance security, not the
> other way around. Can someone give me a reason why it is a risk to
> leave this open or give me good arguments that I can forward to IT for
> why they should not prohibit tunneling?
> Thanks,
> David
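
As an added example (not part of the original thread), a small Python audit of the sshd_config keywords that govern the forwarding behavior discussed above: GatewayPorts, AllowTcpForwarding and PermitOpen. The function names and the sample config are constructed for illustration; the defaults and first-value-wins handling follow sshd_config(5).

```python
# Added example: report which scopes of an sshd_config leave forwarding open.
# Defaults as documented in sshd_config(5).
DEFAULTS = {"allowtcpforwarding": "yes", "gatewayports": "no", "permitopen": "any"}

def effective_settings(config_text):
    """Return {scope: {keyword: value}}; scope is 'global' or a Match line.
    Within a scope sshd keeps the first value it obtains for a keyword."""
    scopes = {"global": {}}
    scope = "global"
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()                      # keywords are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            scope = "Match " + value                # block runs to next Match or EOF
            scopes.setdefault(scope, {})
        elif key in DEFAULTS:
            scopes[scope].setdefault(key, value.lower())
    return scopes

def findings(config_text):
    """List (scope, issue) pairs for forwarding settings worth reviewing."""
    out = []
    scopes = effective_settings(config_text)
    for scope, seen in scopes.items():
        # A Match block overrides the global section; unset keywords inherit.
        eff = {**DEFAULTS, **scopes["global"], **seen}
        fwd = eff["allowtcpforwarding"]
        if fwd in ("yes", "all", "remote") and eff["gatewayports"] in ("yes", "clientspecified"):
            out.append((scope, "remote forwards may listen on non-loopback addresses"))
        if fwd in ("yes", "all", "local") and eff["permitopen"] == "any":
            out.append((scope, "local forwards may reach any host:port"))
    return out

# Constructed sample config, not taken from the thread.
SAMPLE = """\
GatewayPorts yes
gatewayports no
AllowTcpForwarding yes
Match User jumpuser
    AllowTcpForwarding local
    PermitOpen 10.0.0.5:22
"""

if __name__ == "__main__":
    for scope, issue in findings(SAMPLE):
        print(f"{scope}: {issue}")
```

In the sample, the global section is flagged twice while the Match block, which limits the user to one local forward target, is not.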