Login or Register to Ask a Question and Join Our Community


HP-UX

Sharing ssh tunnels between users

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems HP-UX Sharing ssh tunnels between users
# 1  
Old 12-30-2009
Sharing ssh tunnels between users
userA and userB are two non-root accounts on HP-UX box. userA creates ssh tunnel (local forward) to some different host. Will userB be able to use that tunnel? What about remote forward? If not, what OS mechanism will prevent it from happening? Unfortunately I am unable to create this setup at this time, that's why I'm asking for your help.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. IP Networking

Bonding of IP tunnels

Hello. Our Company is spreaded over Germany. There are main offices an branch offices. These offices are mostly connecte via multiple sdsl. We build a IPSEC VPN Infrastructure using Aastaro Security Gateways appliances. It seemed that only one VPN Connetion between to offices could be... (0 Replies)
Discussion started by: mschwadorf
0 Replies

2. AIX

SSH and a users .profile

How do I get a command like "ssh Theuser@host date" to execute the /home/Theuser/.profile before executing the "date" command? (5 Replies)
Discussion started by: IL-Malti
5 Replies

3. Cybersecurity

ssh many users to one home

Hey guys, Hmm.. I'm not quite sure where to open this. If any mod thinks this is not the place, please move it to wherever its suited :) So, I want to allow some trusted users to scp files into my server (to an specific user), but I do not want to give these users a home, neither ssh... (1 Reply)
Discussion started by: flpgdt
1 Replies

4. IP Networking

SSH Port Forwarding - sharing the same port

Hi Linux/Unix Guru, I am setting Linux Hopping Station to another different servers. My current config to connect to another servers is using different port to connect. e.g ssh -D 1080 -p 22 username@server1.com ssh -D 1081 -p 22 username@server2.com Now what I would like to have... (3 Replies)
Discussion started by: regmaster
3 Replies

5. Shell Programming and Scripting

Sharing SSH Keys

I have 2 systems A and B I need to do a passwd less authentication inorder to send a file from system B to system A automatically(using sftp) for this i did the following I generated ssh-keygen -t dsa on system B, copied this key(id_dsa.pub) into the authorized_keys file on system A... (1 Reply)
Discussion started by: ramky79
1 Replies

6. Shell Programming and Scripting

SSH for a group of users ?

Hi, Can any one tell me is it possible to setup private key public key pairing(SSH ) for a group of users , instead of setting it up for individual users ? Eg: Say i have 3 users A,B and C and i want the users to connect to SERVER1. instead of generating public private keys for each user , is... (3 Replies)
Discussion started by: deepusunil
3 Replies

7. UNIX for Advanced & Expert Users

ssh not logging users

We installed ssh on our AIX 5.3 box. The issue we are facing is that we dont get the users listed when we use 'w' or 'who'. After going through google without success, checked the www.openssh.org site. The FAQ section posted the solution that - How do I go about this? Has anyone faced an issue... (2 Replies)
Discussion started by: ranj@chn
2 Replies

8. IP Networking

sharing of IP address for load sharing avoiding virtual server & redirection machine

I have RedHat 9.0 installed on three of my servers (PIII - 233MHz) and want that they share a common IP address so that any request made reaches each of the servers. Can anyone suggest how should I setup my LAN. I'm new to networking in Linux so please elaborate and would be thankful for a timely... (2 Replies)
Discussion started by: Rakesh Ranjan
2 Replies

9. UNIX for Advanced & Expert Users

Bridging with SSH Tunnels

Here is the scenario: I use an OpenBSD 2.9 box as my firewall and gateway at the house. One of the boxes behind my OpenBSD box is my FreeBSDBox. I would like to be able to use port forwarding with SSH to enable a secure connection from work to the OpenBSD box and to have the OpenBSD box... (6 Replies)
Discussion started by: auswipe
6 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

connect-tunnel

CONNECT-TUNNEL(1p)					User Contributed Perl Documentation					CONNECT-TUNNEL(1p)

NAME

       connect-tunnel - Create CONNECT tunnels through HTTP proxies

SYNOPSIS

       connect-tunnel [ -Lv ] [ -A user:pass ] [ -P proxy:port ]
		      [ -C controlport ] [ -T port:host:hostport ]

DESCRIPTION

       connect-tunnel sets up tunneled connections to external hosts by redirecting connections to local ports towards thoses hosts/ports through
       a HTTP proxy.

       connect-tunnel makes use of the HTTP "CONNECT" method to ask the proxy to create a tunnel to an outside server. Be aware that some proxies
       are set up to deny outside tunnels (either to ports other than 443 or outside a specified set of outside hosts).

OPTIONS

       The program follows the usual GNU command line syntax, with long options starting with two dashes.

       -A, --proxy-authentication user:password
	   Proxy authentication information.

	   Please note that all the authentication schemes supported by "LWP::UserAgent" are supported (we use an "LWP::UserAgent" internally to
	   contact the proxy).

       -C, --control-port controlport
	   The port to which one can connect to issue control commands to connect-tunnel.

	   See "CONTROL CONNECTIONS" for more details about the available commands.

       -L, --local-only
	   Create the tunnels so that they will only listen on "localhost".  Thus, only connections originating from the machine that runs
	   connect-tunnel will be accepted.

	   That was the default behaviour in connect-tunnel version 0.02.

       -P, --proxy proxy[:port]
	   The proxy is required to connect the tunnels.  If no port is given, 8080 is used by default.

	   See also "ENVIRONMENT VARIABLES".

       -T, --tunnel port:host:hostport
	   Specifies that the given port on the local host is to be forwarded to the given host and hostport on the remote side. This works by
	   allocating a socket to listen to port on the local side, and whenever a connection is made to this port, connect-tunnel forwards it to
	   the proxy (with the credentials, if required), which in turn forwards it to the final destination.

	   Note that this does not imply the use of any cryptographic system (SSL or any other). This is a simple TCP redirection. The security if
	   any, is the one provided by the protocol used to connect to the destination through connect-tunnel.

	   On Unix systems, only root can forward privileged ports.

	   Note that you can setup tunnels to multiple destinations, by using the --tunnel option several times.

       -U, --user-agent string
	   Specify User-Agent value to send in HTTP requests.  The default is to send "connect-tunnel/version".

       -v, --verbose
	   Verbose output.

	   This option can be used several times for more verbose output.

EXAMPLES

       To connect to a SSH server running on "ssh.example.com", on port 443, through the proxy "proxy.company.com", running on port 8080, use the
       following command:

	   connect-tunnel -P proxy.company.com:8080 -T 22:ssh.example.com:443

       And now point your favorite ssh client to the machine running connect-tunnel.

       You can also emulate a "standard" user-agent:

	   connect-tunnel -U "Mozilla/4.03 [en] (X11; I; Linux 2.1.89 i586)"
			  -P proxy.company.com:8080 -T 22:ssh.example.com:443

       connect-tunnel can easily use your proxy credentials to connect outside:

	   connect-tunnel -U "Mozilla/4.03 [en] (X11; I; Linux 2.1.89 i586)"
			  -P proxy.company.com:8080 -T 22:ssh.example.com:443
			  -A book:s3kr3t

       But if you don't want anybody else to connect to your tunnels and through the proxy with your credentials, use the --local-only option:

	connect-tunnel -U "Mozilla/4.03 [en] (X11; I; Linux 2.1.89 i586)"
		       -P proxy.company.com:8080 -T 22:ssh.example.com:443
		       -A book:s3kr3t -L

       If you have several destinations, there is no need to run several instances of connect-tunnel:

	connect-tunnel -U "Mozilla/4.03 [en] (X11; I; Linux 2.1.89 i586)"
		       -P proxy.company.com:8080 -A book:s3kr3t -L
		       -T 22:ssh.example.com:443
		       -T 222:ssh2.example.com:443

       But naturally, you will need to correctly set up the ports in your clients.

       Mmm, such a long command line would perfectly fit in an alias or a .BAT file. ";-)"

ENVIRONMENT VARIABLES

       The environment variable "HTTP_PROXY" can be used to provide a proxy definition.

       The environment variable is overriden by the --proxy option, if passed to connect-tunnel.

AUTHOR

       Philippe "BooK" Bruhat, "<book@cpan.org>".

       I seem to have re-invented a well-known wheel with that script, but at least, I hope I have added a few interesting options to it.

SCRIPT HISTORY

       The first version of the script was a quick hack that let me go through a corporate proxy.

       Version 0.02 and version 0.03 were released on CPAN in 2003.

       Version 0.04 sits half-finished in a CVS repository at home: I couldn't decypher the spaghetti of my data structures any more. ":-("

       Version 0.05 (and higher) are based on "Net::Proxy", and included with the "Net::Proxy" distribution.

       Even though it's not rocket science, connect-tunnel has been cited in at least one academic works:

       o   HTTP Tunnels Through Proxies, Daniel Alman

	   Available at SANS InfoSec Reading Room: Covert Channels <http://www.sans.org/rr/whitepapers/covert/>

	   Direct link: <http://www.sans.org/rr/whitepapers/covert/1202.php>

COPYRIGHT

       Copyright 2003-2007, Philippe Bruhat. All rights reserved.

LICENSE

       This module is free software; you can redistribute it or modify it under the same terms as Perl itself.

perl v5.10.1							    2009-10-18							CONNECT-TUNNEL(1p)