Tunneling to a third host - SSH

This is a discussion on Tunneling to a third host - SSH ; i am on a windows box using ssh.com's ssh client (will call it client). my linux box (host) at work does not have a open port to the internet but another linux box (gateway) on our network does. i can ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: Tunneling to a third host

  1. Tunneling to a third host

    i am on a windows box using ssh.com's ssh client (will call it client).

    my linux box (host) at work does not have a open port to the internet
    but another linux box (gateway) on our network does. i can ssh into
    this box and then from that terminal ssh into mine. i have a vnc server
    running on host

    what i want to do is forward port from client through gateway to host
    so i can vnc directly from client to host. theport the vnc server is
    running on is 5901 and the port i will use on client is 5902.

    to add addition problems i have a different username for each box.

    using my ssh clients command window in windows, ssh2.exe, i have
    tried the following:

    ssh2 -L 5902:host_user@host:5901 gateway_user@gateway

    this asks me for my gateway username and appears to log me into this.
    no pass for host_user is asked for and it appears that no ports have
    been forward, atleast not to host. is there anyway of telling in linux
    if ports have been forwarded?

    if anyone could suggest the correct command to achieve what i want that
    would be great


  2. Re: Tunneling to a third host

    >>>>> "SJ" == SnakeyJakey writes:

    SJ> i am on a windows box using ssh.com's ssh client (will call it
    SJ> client). my linux box (host) at work does not have a open port to
    SJ> the internet but another linux box (gateway) on our network
    SJ> does. i can ssh into this box and then from that terminal ssh into
    SJ> mine. i have a vnc server running on host

    SJ> what i want to do is forward port from client through gateway to
    SJ> host so i can vnc directly from client to host. theport the vnc
    SJ> server is running on is 5901 and the port i will use on client is
    SJ> 5902.

    SJ> to add addition problems i have a different username for each box.

    SJ> using my ssh clients command window in windows, ssh2.exe, i have
    SJ> tried the following:

    SJ> ssh2 -L 5902:host_user@host:5901 gateway_user@gateway

    SJ> this asks me for my gateway username and appears to log me into
    SJ> this. no pass for host_user is asked for and it appears that no
    SJ> ports have been forward, atleast not to host. is there anyway of
    SJ> telling in linux if ports have been forwarded?

    telnet localhost 5902

    The "host_user@" should not be there; there is no authentication involved
    in making a TCP connection. VNC will run on top of that and do whatever
    authentication is needs to.

    --
    Richard Silverman
    res@qoxp.net


  3. Re: Tunneling to a third host

    unfortunately this will not work since none of the machines have a
    telnet server running. the gateway computer only has ssh server and
    port 22 open. so i need to ssh into that box.

    any other ieads?


    Richard E. Silverman wrote:
    > >>>>> "SJ" == SnakeyJakey writes:

    >
    > SJ> i am on a windows box using ssh.com's ssh client (will call it
    > SJ> client). my linux box (host) at work does not have a open port to
    > SJ> the internet but another linux box (gateway) on our network
    > SJ> does. i can ssh into this box and then from that terminal ssh into
    > SJ> mine. i have a vnc server running on host
    >
    > SJ> what i want to do is forward port from client through gateway to
    > SJ> host so i can vnc directly from client to host. theport the vnc
    > SJ> server is running on is 5901 and the port i will use on client is
    > SJ> 5902.
    >
    > SJ> to add addition problems i have a different username for each box.
    >
    > SJ> using my ssh clients command window in windows, ssh2.exe, i have
    > SJ> tried the following:
    >
    > SJ> ssh2 -L 5902:host_user@host:5901 gateway_user@gateway
    >
    > SJ> this asks me for my gateway username and appears to log me into
    > SJ> this. no pass for host_user is asked for and it appears that no
    > SJ> ports have been forward, atleast not to host. is there anyway of
    > SJ> telling in linux if ports have been forwarded?
    >
    > telnet localhost 5902
    >
    > The "host_user@" should not be there; there is no authentication involved
    > in making a TCP connection. VNC will run on top of that and do whatever
    > authentication is needs to.
    >
    > --
    > Richard Silverman
    > res@qoxp.net



  4. Re: Tunneling to a third host

    >>>>> "SJ" == SnakeyJakey writes:

    SJ> unfortunately this will not work since none of the machines have a
    SJ> telnet server running. the gateway computer only has ssh server
    SJ> and port 22 open. so i need to ssh into that box.

    You completely misunderstand me. You will use the telnet client to open a
    TCP connection to the locally forwarded port. You asked if there were any
    way to tell if the port had been forwarded.

    SJ> Richard E. Silverman wrote:
    >> >>>>> "SJ" == SnakeyJakey writes:

    >>

    SJ> i am on a windows box using ssh.com's ssh client (will call it
    SJ> client). my linux box (host) at work does not have a open port to
    SJ> the internet but another linux box (gateway) on our network
    SJ> does. i can ssh into this box and then from that terminal ssh into
    SJ> mine. i have a vnc server running on host
    >>

    SJ> what i want to do is forward port from client through gateway to
    SJ> host so i can vnc directly from client to host. theport the vnc
    SJ> server is running on is 5901 and the port i will use on client is
    SJ> 5902.
    >>

    SJ> to add addition problems i have a different username for each box.
    >>

    SJ> using my ssh clients command window in windows, ssh2.exe, i have
    SJ> tried the following:
    >>

    SJ> ssh2 -L 5902:host_user@host:5901 gateway_user@gateway
    >>

    SJ> this asks me for my gateway username and appears to log me into
    SJ> this. no pass for host_user is asked for and it appears that no
    SJ> ports have been forward, atleast not to host. is there anyway of
    SJ> telling in linux if ports have been forwarded?
    >> telnet localhost 5902
    >>
    >> The "host_user@" should not be there; there is no authentication
    >> involved in making a TCP connection. VNC will run on top of that
    >> and do whatever authentication is needs to.
    >>
    >> -- Richard Silverman res@qoxp.net



    --
    Richard Silverman
    res@qoxp.net


  5. Re: Tunneling to a third host

    On Wed, 28 Jun 2006 02:11:05 -0700, SnakeyJakey wrote:

    > i am on a windows box using ssh.com's ssh client (will call it client).
    >
    > my linux box (host) at work does not have a open port to the internet but
    > another linux box (gateway) on our network does. i can ssh into this box
    > and then from that terminal ssh into mine. i have a vnc server running on
    > host
    >
    > what i want to do is forward port from client through gateway to host so i
    > can vnc directly from client to host.


    This sounds very similar to what I am doing. On the client box I do the
    following (using your notation):

    ssh -fngT -L 3022:host:22 -C gateway ping -i 30 localhost

    In this client box I have a .ssh/config file (I am running OpenSSH) with
    the following entries:

    Host gateway
    HostName xx.xx.xx.xx
    HostKeyAlias gateway
    User UsernameOnGateway
    Port 2222

    Host host
    HostName localhost
    HostKeyAlias host
    User UsernameOnHost
    Port 3022

    In my case, gateway (which has an external IP address represented as
    xx.xx.xx.xx here) listens for incoming ssh connections from the external
    world on port 2222, and for incoming connections from the internal LAN on
    port 22.

    Thus, if I am logged in to the client box on the account where I have
    this setup (and assuming that I have installed my public keys correctly in
    the relevant accounts in gateway and host) after issuing the command

    ssh host

    I automatically get an interactive shell at host.

    I am not sure if this addresses what you have in mind, but I hope that it
    helps anyway.


  6. Re: Tunneling to a third host

    SnakeyJakey wrote:
    > i am on a windows box using ssh.com's ssh client (will call it client).
    >
    > my linux box (host) at work does not have a open port to the internet
    > but another linux box (gateway) on our network does. i can ssh into
    > this box and then from that terminal ssh into mine. i have a vnc server
    > running on host
    >
    > what i want to do is forward port from client through gateway to host
    > so i can vnc directly from client to host. theport the vnc server is
    > running on is 5901 and the port i will use on client is 5902.
    >
    > to add addition problems i have a different username for each box.
    >
    > using my ssh clients command window in windows, ssh2.exe, i have
    > tried the following:
    >
    > ssh2 -L 5902:host_user@host:5901 gateway_user@gateway
    >
    > this asks me for my gateway username and appears to log me into this.
    > no pass for host_user is asked for and it appears that no ports have
    > been forward, atleast not to host. is there anyway of telling in linux
    > if ports have been forwarded?
    >
    > if anyone could suggest the correct command to achieve what i want that
    > would be great
    >


    I don't think you need the "host_user@" portion. Just do

    ssh -L 5902:host:5901 gateway_user@gateway

    Then point your vnc client to localhost:5902 and it should work.

+ Reply to Thread