Howto setup two-way ssh tunnel? - SSH

This is a discussion on Howto setup two-way ssh tunnel? - SSH ; Hi all. I know that I can initiate ssh tunneling from system A to connect a process from local system A to the remote system B. A$ ssh -L 999:B:999 -l user -N B But what I need to do ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: Howto setup two-way ssh tunnel?

  1. Howto setup two-way ssh tunnel?

    Hi all. I know that I can initiate ssh tunneling from system A to
    connect a process from local system A to the remote system B.

    A$ ssh -L 999:B:999 -l user -N B

    But what I need to do is have A setup a tunnel that would allow a
    process on B to be able to connect to A. I need this because A is
    connected through a router with a locally assigned ip as is B, but on
    separate routers. I need to be able to ssh into A from B, but AFAIK
    there's no way to be able to contact A from B, because all that is
    known from the outside is the router's ip & I do not have access to
    A's router to be able to enable port forwarding.

    Hopefully I've explained this properly. Is this even possible? tx

    --
    EMAIL: uber [dot] grog [at] gmail [dot] com

  2. Re: Howto setup two-way ssh tunnel?

    GROG! writes:

    > Hi all. I know that I can initiate ssh tunneling from system A to
    > connect a process from local system A to the remote system B.
    >
    > A$ ssh -L 999:B:999 -l user -N B
    >
    > But what I need to do is have A setup a tunnel that would allow a
    > process on B to be able to connect to A. I need this because A is
    > connected through a router with a locally assigned ip as is B, but on
    > separate routers. I need to be able to ssh into A from B, but AFAIK
    > there's no way to be able to contact A from B, because all that is
    > known from the outside is the router's ip & I do not have access to
    > A's router to be able to enable port forwarding.
    >
    > Hopefully I've explained this properly. Is this even possible? tx


    Check out the -R flag for reverse tunnel.


    --
    Todd H.
    http://www.toddh.net/

  3. Re: Howto setup two-way ssh tunnel?

    On 05-29 10:57 CDT, Todd H. wrote:
    > GROG! writes:
    >> But what I need to do is have A setup a tunnel that would allow a
    >> process on B to be able to connect to A.>

    >
    > Check out the -R flag for reverse tunnel.


    Thanks for the help. According to the man page that should work, but I
    must have either the logic or the syntax wrong. I do need to bind a
    port on B that'll be directed to port 22 on A for this to work,
    correct? This doesn't work:

    A$ ssh -R 22:B:9999 -N B
    Password:
    Warning: remote port forwarding failed for listen port 22

    B$ ssh -p 9999 localhost
    Password:
    ssh: connect to host localhost port 9999: Connection refused

    But if I reverse the ports, there's no errors but I just get connected
    back to B:

    A$ ssh -R 9999:B:22 -N B
    Password:

    B$ ssh -p 9999 localhost
    Password:
    B$

    What am I doing wrong? tx

    --
    EMAIL: uber [dot] grog [at] gmail [dot] com

  4. Re: Howto setup two-way ssh tunnel?

    GROG! writes:

    >Hi all. I know that I can initiate ssh tunneling from system A to
    >connect a process from local system A to the remote system B.


    > A$ ssh -L 999:B:999 -l user -N B


    >But what I need to do is have A setup a tunnel that would allow a
    >process on B to be able to connect to A. I need this because A is
    >connected through a router with a locally assigned ip as is B, but on
    >separate routers. I need to be able to ssh into A from B, but AFAIK
    >there's no way to be able to contact A from B, because all that is
    >known from the outside is the router's ip & I do not have access to
    >A's router to be able to enable port forwarding.


    >Hopefully I've explained this properly. Is this even possible? tx



    You could use openvpn to do this.



  5. Re: Howto setup two-way ssh tunnel?

    GROG! wrote:

    > But if I reverse the ports, there's no errors but I just get
    > connected back to B:
    >
    > A$ ssh -R 9999:B:22 -N B
    > Password:
    >
    > B$ ssh -p 9999 localhost
    > Password:
    > B$
    >
    > What am I doing wrong? tx


    The hostname between the two colons is the destination host for the
    tunneled connection. You want to connect to A:22, so you need:

    A$ ssh -R 9999:A:22 -N B
    B$ ssh -p 9999 localhost

  6. Re: Howto setup two-way ssh tunnel?

    On 05-30 06:09 CDT, Paul Hink wrote:
    > GROG! wrote:
    >> What am I doing wrong? tx

    >
    > The hostname between the two colons is the destination host for the
    > tunneled connection. You want to connect to A:22, so you need:
    >
    > A$ ssh -R 9999:A:22 -N B
    > B$ ssh -p 9999 localhost


    DOH!! Of course that works. The man page obviously wasn't clear enough
    for me . Thank you very much for your help.

    --
    EMAIL: uber [dot] grog [at] gmail [dot] com

  7. Re: Howto setup two-way ssh tunnel?

    On Thu, 29 May 2008 20:42:38 GMT Unruh wrote:
    | GROG! writes:
    |
    |>Hi all. I know that I can initiate ssh tunneling from system A to
    |>connect a process from local system A to the remote system B.
    |
    |> A$ ssh -L 999:B:999 -l user -N B
    |
    |>But what I need to do is have A setup a tunnel that would allow a
    |>process on B to be able to connect to A. I need this because A is
    |>connected through a router with a locally assigned ip as is B, but on
    |>separate routers. I need to be able to ssh into A from B, but AFAIK
    |>there's no way to be able to contact A from B, because all that is
    |>known from the outside is the router's ip & I do not have access to
    |>A's router to be able to enable port forwarding.
    |
    |>Hopefully I've explained this properly. Is this even possible? tx
    |
    |
    | You could use openvpn to do this.

    Have they made this into a simple command like ssh that connects to something
    on the other end directly the way ssh does?

    --
    |WARNING: Due to extreme spam, googlegroups.com is blocked. Due to ignorance |
    | by the abuse department, bellsouth.net is blocked. If you post to |
    | Usenet from these places, find another Usenet provider ASAP. |
    | Phil Howard KA9WGN (email for humans: first name in lower case at ipal.net) |

+ Reply to Thread