GROG! writes:

> Hi all. I know that I can initiate ssh tunneling from system A to
> connect a process from local system A to the remote system B.
>
> A$ ssh -L 999:B:999 -l user -N B
>
> But what I need to do is have A setup a tunnel that would allow a
> process on B to be able to connect to A. I need this because A is
> connected through a router with a locally assigned ip as is B, but on
> separate routers. I need to be able to ssh into A from B, but AFAIK
> there's no way to be able to contact A from B, because all that is
> known from the outside is the router's ip & I do not have access to
> A's router to be able to enable port forwarding.
>
> Hopefully I've explained this properly. Is this even possible? tx

Check out the -R flag for reverse tunnel.


--
Todd H.
http://www.toddh.net/

On 05-29 10:57 CDT, Todd H. wrote:
> GROG! writes:
>> But what I need to do is have A setup a tunnel that would allow a
>> process on B to be able to connect to A.>
>
> Check out the -R flag for reverse tunnel.

Thanks for the help. According to the man page that should work, but I
must have either the logic or the syntax wrong. I do need to bind a
port on B that'll be directed to port 22 on A for this to work,
correct? This doesn't work:

A$ ssh -R 22:B:9999 -N B
Password:
Warning: remote port forwarding failed for listen port 22

B$ ssh -p 9999 localhost
Password:
ssh: connect to host localhost port 9999: Connection refused

But if I reverse the ports, there's no errors but I just get connected
back to B:

A$ ssh -R 9999:B:22 -N B
Password:

B$ ssh -p 9999 localhost
Password:
B$

What am I doing wrong? tx

--
EMAIL: uber [dot] grog [at] gmail [dot] com

GROG! writes:

>Hi all. I know that I can initiate ssh tunneling from system A to
>connect a process from local system A to the remote system B.

> A$ ssh -L 999:B:999 -l user -N B

>But what I need to do is have A setup a tunnel that would allow a
>process on B to be able to connect to A. I need this because A is
>connected through a router with a locally assigned ip as is B, but on
>separate routers. I need to be able to ssh into A from B, but AFAIK
>there's no way to be able to contact A from B, because all that is
>known from the outside is the router's ip & I do not have access to
>A's router to be able to enable port forwarding.

>Hopefully I've explained this properly. Is this even possible? tx


You could use openvpn to do this.

GROG! wrote:

> But if I reverse the ports, there's no errors but I just get
> connected back to B:
>
> A$ ssh -R 9999:B:22 -N B
> Password:
>
> B$ ssh -p 9999 localhost
> Password:
> B$
>
> What am I doing wrong? tx

The hostname between the two colons is the destination host for the
tunneled connection. You want to connect to A:22, so you need:

A$ ssh -R 9999:A:22 -N B
B$ ssh -p 9999 localhost

On 05-30 06:09 CDT, Paul Hink wrote:
> GROG! wrote:
>> What am I doing wrong? tx
>
> The hostname between the two colons is the destination host for the
> tunneled connection. You want to connect to A:22, so you need:
>
> A$ ssh -R 9999:A:22 -N B
> B$ ssh -p 9999 localhost

DOH!! Of course that works. The man page obviously wasn't clear enough
for me . Thank you very much for your help.

--
EMAIL: uber [dot] grog [at] gmail [dot] com

On Thu, 29 May 2008 20:42:38 GMT Unruh wrote:
| GROG! writes:
|
|>Hi all. I know that I can initiate ssh tunneling from system A to
|>connect a process from local system A to the remote system B.
|
|> A$ ssh -L 999:B:999 -l user -N B
|
|>But what I need to do is have A setup a tunnel that would allow a
|>process on B to be able to connect to A. I need this because A is
|>connected through a router with a locally assigned ip as is B, but on
|>separate routers. I need to be able to ssh into A from B, but AFAIK
|>there's no way to be able to contact A from B, because all that is
|>known from the outside is the router's ip & I do not have access to
|>A's router to be able to enable port forwarding.
|
|>Hopefully I've explained this properly. Is this even possible? tx
|
|
| You could use openvpn to do this.

Have they made this into a simple command like ssh that connects to something
on the other end directly the way ssh does?

--
|WARNING: Due to extreme spam, googlegroups.com is blocked. Due to ignorance |
| by the abuse department, bellsouth.net is blocked. If you post to |
| Usenet from these places, find another Usenet provider ASAP. |
| Phil Howard KA9WGN (email for humans: first name in lower case at ipal.net) |