Post 302811955 by 3therk1ll on Friday 24th of May 2013 03:47:13 PM
SSH forwarding based on ports

Hi guys, I'm trying to set up an Ubuntu VPN server that will forward an ssh connection automatically as a proxy to two separate LAN hosts.
What I'm looking at doing is making SSH listen on two ports (if that is possible) and get some kind of script, preferably something in bash, that will listen on those two ports and forward the connection to whichever host in the event of a successful connection.

Eg:

P 22 >> Host 1
P 4000 >> Host 2

The two hosts are running Red Hat Linux and a Windows variant and will be accessed initially from both Linux and Windows machines.
I was looking at getting ssh to listen on the separate ports by editing the
Code:
/etc/ssh/sshd

to add, for example, port 4000 underneath port 22 and restart the service.

At the minute I have it all running on Amazon EC2.

Any ideas?
 

SSH-KEYSCAN(1)              BSD General Commands Manual              SSH-KEYSCAN(1)

NAME
     ssh-keyscan -- gather ssh public keys

SYNOPSIS
     ssh-keyscan [-v46] [-p port] [-T timeout] [-t type] [-f file] [host | addrlist namelist] [...]

DESCRIPTION
     ssh-keyscan is a utility for gathering the public ssh host keys of a number of hosts. It was designed to aid in building and verifying ssh_known_hosts files. ssh-keyscan provides a minimal interface suitable for use by shell and perl scripts.

     ssh-keyscan uses non-blocking socket I/O to contact as many hosts as possible in parallel, so it is very efficient. The keys from a domain of 1,000 hosts can be collected in tens of seconds, even when some of those hosts are down or do not run ssh. For scanning, one does not need login access to the machines that are being scanned, nor does the scanning process involve any encryption.

     The options are as follows:

     -p port
             Port to connect to on the remote host.

     -T timeout
             Set the timeout for connection attempts. If timeout seconds have elapsed since a connection was initiated to a host or since the last time anything was read from that host, then the connection is closed and the host in question considered unavailable. Default is 5 seconds.

     -t type
             Specifies the type of the key to fetch from the scanned hosts. The possible values are ``rsa1'' for protocol version 1 and ``rsa'' or ``dsa'' for protocol version 2. Multiple values may be specified by separating them with commas. The default is ``rsa1''.

     -f filename
             Read hosts or addrlist namelist pairs from this file, one per line. If - is supplied instead of a filename, ssh-keyscan will read hosts or addrlist namelist pairs from the standard input.

     -v      Verbose mode. Causes ssh-keyscan to print debugging messages about its progress.

     -4      Forces ssh-keyscan to use IPv4 addresses only.

     -6      Forces ssh-keyscan to use IPv6 addresses only.

SECURITY
     If a ssh_known_hosts file is constructed using ssh-keyscan without verifying the keys, users will be vulnerable to attacks. On the other hand, if the security model allows such a risk, ssh-keyscan can help in the detection of tampered keyfiles or man in the middle attacks which have begun after the ssh_known_hosts file was created.

EXAMPLES
     Print the rsa1 host key for machine hostname:

           $ ssh-keyscan hostname

     Find all hosts from the file ssh_hosts which have new or different keys from those in the sorted file ssh_known_hosts:

           $ ssh-keyscan -t rsa,dsa -f ssh_hosts | sort -u - ssh_known_hosts | diff ssh_known_hosts -

FILES
     Input format:

           1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4

     Output format for rsa1 keys:

           host-or-namelist bits exponent modulus

     Output format for rsa and dsa keys:

           host-or-namelist keytype base64-encoded-key

     Where keytype is either ``ssh-rsa'' or ``ssh-dsa''.

     /etc/ssh/ssh_known_hosts

BUGS
     It generates "Connection closed by remote host" messages on the consoles of all the machines it scans if the server is older than version 2.9. This is because it opens a connection to the ssh port, reads the public key, and drops the connection as soon as it gets the key.

SEE ALSO
     ssh(1), sshd(8)

AUTHORS
     David Mazieres <dm@lcs.mit.edu> wrote the initial version, and Wayne Davison <wayned@users.sourceforge.net> added support for protocol version 2.

BSD                              January 1, 1996                              BSD
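
An added example (not part of the man page or the forum post): the key comparison from the EXAMPLES section, extended to report per host and key type whether a scanned key is new or differs from the trusted file, working on saved scan output so it runs offline. It assumes unhashed entries in the "host-or-namelist keytype base64-encoded-key" format; `compare_host_keys`, `demo` and the sample keys are constructed for illustration.

```shell
#!/bin/sh
# compare_host_keys KNOWN SCAN
#   KNOWN: trusted ssh_known_hosts file (unhashed entries; assumption)
#   SCAN:  saved ssh-keyscan output for protocol 2 keys
# Prints "CHANGED host keytype" or "NEW host keytype", one finding per line.
compare_host_keys() {
    awk '
        NF < 3 || $1 ~ /^[#@]/ { next }     # skip blanks, comments, marker lines
        {
            n = split($1, names, ",")       # a namelist can carry several names
            for (i = 1; i <= n; i++) {
                id = names[i] " " $2        # host name plus key type
                if (FILENAME == ARGV[1]) {
                    known[id] = $3          # trusted baseline (last entry wins)
                } else if (!(id in known)) {
                    print "NEW " id         # never seen: verify out of band
                } else if (known[id] != $3) {
                    print "CHANGED " id     # differs from baseline: investigate
                }
            }
        }
    ' "$1" "$2" | sort -u
}

# Constructed sample data; the key strings are placeholders, not real keys.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/known" <<'EOF'
# trusted baseline
host1.example,192.0.2.10 ssh-rsa AAAAB3constructedKEY1
host2.example ssh-rsa AAAAB3constructedKEY2
EOF
    cat > "$dir/scan" <<'EOF'
host1.example,192.0.2.10 ssh-rsa AAAAB3constructedKEY1
host2.example ssh-rsa AAAAB3constructedKEYX
host3.example ssh-rsa AAAAB3constructedKEY3
EOF
    compare_host_keys "$dir/known" "$dir/scan"
    rm -rf "$dir"
}

demo
```

Feed it the saved output of `ssh-keyscan -t rsa,dsa -f ssh_hosts`, and confirm any NEW key through a separate trusted channel before adding it to the baseline, as the SECURITY section requires.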