anonymous ssh forwarding
Hexren
me at hexren.net
Wed Aug 24 22:28:17 GMT 2005
>> Hello,
>> On Thu, Aug 25, 2005 at 12:35:24AM +0300, Toomas Laasik wrote:
>> > Hello,
>> > I have the following situation. Our company has a ssh server where users can connect from only specified static ip addresses. Like I have at home an ip address 1.2.3.4 and ssh server accepts
>> connections only from it.
>> > Now I wan't to get access to that ssh server from places where I don't have static ip.
>> > I already have at home a freebsd server running with simple configutation. Is it possible to make some kind of tunnel or something so I could connect to my home freebsd machine that connects to
>> ssh server so that ssh server 'thinks' that I'm connecting from home?
>> >
>> > Thank you in advance.
>> >
>> > Sorry for bad English
>> >
>> > Toomas
>> >
>> Why don't you ssh into your home pc with static ip from your pc with dynamic ip
>> and then ssh from your home machine into your "server"?
> Using just ssh is no a problem. The machine with dynamic IP has WinXP and Putty on it. Setting remote command in Putty to "ssh user at wwwserver.com" eliminates even the need to type it in in putty
> ssh console...
> Anyway the problem comes when I want to use FileZilla to make SFTP connection over SSH2 connection through home computer. I've tried Putty's tunneling, but the other end of that tunnel is still my
> home computer even tho my home computer is connected to www server with ssh.
> So my approach is to find out how can I set something up on my home freebsd machine so that connecting to some port on it, it connects to www server ssh port.
> Toomas
>>
---------------------------------------------
You could build up a VPN (OpenVPN comes to my mind) between your home and your
roaming machine, set your home BSD machine up to act as a NAT gateway
from the VPN to the World and then make a route on your roaming
machine to the effect of using your home machine as the gateway for
connecting to your office IP.
I would guess that some combination of port forwarding (done
in the Firewall) and NAT could also allow you to achieve your goal.
But I like VPN solutions.
Hexren
More information about the freebsd-questions
mailing list