Port Forwarding - can remote tell who source is? - SSH


  1. Port Forwarding - can remote tell who source is?

    I am looking at using Port Forwarding to encrypt traffic between
    existing UNIX/Linux applications. I understand that I set up a local
    port to talk to the remote application, then reconfigure my local
    application client to connect to this local port.

    However, once the remote server receives the incoming connection, can
    it find out which machine the connection came from?
    I understand that accept(), getpeername() etc would show the remote
    server machine as being the originator of the connection.

    TIA
    Mark


  2. Re: Port Forwarding - can remote tell who source is?

    Mister B wrote:
    > I am looking at using Port Forwarding to encrypt traffic between
    > existing UNIX/Linux applications. I understand that I set up a local
    > port to talk to the remote application, then reconfigure my local
    > application client to connect to this local port.
    >
    > However, once the remote server receives the incoming connection, can
    > it find out which machine the connection came from?
    > I understand that accept(), getpeername() etc would show the remote
    > server machine as being the originator of the connection.
    >
    > TIA
    > Mark
    >


    Not as far as I know. It sees the host running the sshd server as the
    client.

  3. Re: Port Forwarding - can remote tell who source is?

    Mister B writes:
    >However, once the remote server receives the incoming connection, can
    >it find out which machine the connection came from?


    Both SSH-1 and SSH-2 have a means for the listening side to indicate to
    the other side the "real" host and port that connected when establishing
    the tunnel (although the format of this information is not well
    specified in SSH-1).

    However, it's up to the listening side to provide correct information in
    these fields, which means that they are no good as (for instance) a
    crude form of authentication. Also, not all implementations provide
    meaningful information in these fields (for instance, PuTTY does not).

    Also, I don't know how you would get the information out of a given SSH
    server in your situation.
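
Added example, not part of the thread: in SSH-2 the fields the last reply refers to are the "originator IP address" and "originator port" of the `direct-tcpip` channel-open message (RFC 4254, section 7.2). This sketch parses that message to show the values arrive as plain self-reported fields at the SSH server, while the target application still sees only the sshd host via getpeername(). The function names and sample values are constructed for illustration.

```python
import struct

SSH_MSG_CHANNEL_OPEN = 90  # message number from RFC 4254

def _take(buf, off, n):
    """Return n bytes at off, refusing to read past the end of the payload."""
    if off + n > len(buf):
        raise ValueError("truncated channel-open payload")
    return buf[off:off + n], off + n

def _uint32(buf, off):
    raw, off = _take(buf, off, 4)
    return struct.unpack(">I", raw)[0], off

def _string(buf, off):
    n, off = _uint32(buf, off)      # SSH string = uint32 length + bytes
    return _take(buf, off, n)

def parse_direct_tcpip(payload):
    """Decode a 'direct-tcpip' SSH_MSG_CHANNEL_OPEN (RFC 4254, section 7.2)."""
    msg, off = _take(payload, 0, 1)
    ctype, off = _string(payload, off)
    if msg[0] != SSH_MSG_CHANNEL_OPEN or ctype != b"direct-tcpip":
        raise ValueError("not a direct-tcpip channel open")
    for _ in range(3):              # sender channel, window size, max packet
        _, off = _uint32(payload, off)
    host, off = _string(payload, off)
    port, off = _uint32(payload, off)
    orig_ip, off = _string(payload, off)
    orig_port, off = _uint32(payload, off)
    return {
        "connect_to": (host.decode(), port),
        # Supplied by the listening side; the receiver has no way to check it.
        "claimed_originator": (orig_ip.decode(), orig_port),
    }

def build_direct_tcpip(host, port, orig_ip, orig_port):
    """Constructed sample message, standing in for what a client would send."""
    s = lambda b: struct.pack(">I", len(b)) + b
    return (bytes([SSH_MSG_CHANNEL_OPEN]) + s(b"direct-tcpip")
            + struct.pack(">III", 0, 2097152, 32768)
            + s(host.encode()) + struct.pack(">I", port)
            + s(orig_ip.encode()) + struct.pack(">I", orig_port))

if __name__ == "__main__":
    # Constructed values (RFC 5737 documentation address, placeholder zeros).
    for ip, p in (("192.0.2.10", 40112), ("0.0.0.0", 0)):
        print(parse_direct_tcpip(build_direct_tcpip("127.0.0.1", 5432, ip, p)))
```

Both messages parse identically well, so a server-side log of `claimed_originator` is a hint for troubleshooting, not evidence of who connected.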
