going from A to B - SSH

This is a discussion on going from A to B - SSH ; My work requires us to ssh into a certain machine (A) and then we can ssh to a more normal workstation (B), where B isn't visible past teh firewall. Is there a way to forward or redirect (whatever the proper ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: going from A to B

  1. going from A to B

    My work requires us to ssh into a certain machine (A) and then we can
    ssh to a more normal workstation (B), where B isn't visible past teh
    firewall. Is there a way to forward or redirect (whatever the proper
    term is) so I can do this in one shot?


  2. Re: going from A to B

    Greg Hennessy wrote:

    > My work requires us to ssh into a certain machine (A) and then we can
    > ssh to a more normal workstation (B), where B isn't visible past teh
    > firewall. Is there a way to forward or redirect (whatever the proper
    > term is) so I can do this in one shot?


    Yes. You can set on the firewall to forward port eg. 2222 to 22 (or
    whichever sshd listens on B machine), or you could add the very same
    forwarding rule on A to certain port on B.
    --
    Cezary Morga

  3. Re: going from A to B

    Greg Hennessy writes:

    > My work requires us to ssh into a certain machine (A) and then we can
    > ssh to a more normal workstation (B), where B isn't visible past teh
    > firewall. Is there a way to forward or redirect (whatever the proper
    > term is) so I can do this in one shot?


    Probably.

    Can you describe (using more description) what you're trying to
    accomplish in terms of the network?

    Is A a gateway machine? Where are these "more normal" workstations
    relative to where you're starting from? What makes them "more
    normal" (though that may not be relevant)? And waht do you mean B
    isn't visible "past the firewall" - do you mean that machine B isn't
    accessible from the Internet? The company intranet?

    It's not clear which network zones are all involved yet, but I'm
    pretty sure ssh can help jump through these hoops using either forward
    or reverse port forwarding.

    Best Regards,
    --
    Todd H.
    http://www.toddh.net/

  4. Re: going from A to B

    On Wed, 04 Oct 2006 15:56:56 +0000, Greg Hennessy wrote:

    > My work requires us to ssh into a certain machine (A) and then we can ssh
    > to a more normal workstation (B), where B isn't visible past teh firewall.
    > Is there a way to forward or redirect (whatever the proper term is) so I
    > can do this in one shot?


    In case this is the setup that you have in mind:

    Machine M1 is in the Internet.

    Machine M2 is in the Internet.

    Machine M3 is not in the Internet, but it is in some private network
    N that M2 is connected to.

    M1 can get into M2 via SSH.

    M2 can access M3 via SSH in N.

    M3 is not directly accessible from M1 (because M3 is not in the
    Internet).

    M3 is listening for incoming SSH connections at port (say) 222 in
    N.

    In order to SSH into M3 from M1 we do the following on M1
    (assuming that the SSH software used is OpenSSH):

    ssh -fngT -L 3022:M3:222 -C M2 ping -i 30 localhost > /dev/null
    2>&1

    If in M1 we add to .ssh/config the entry

    Host M3
    HostName localhost
    HostKeyAlias M3
    User Username on M3
    Port 3022

    then we can get from M1 to M3 by means of

    ssh M3


+ Reply to Thread