anonymous ssh forwarding

Hexren me at
Wed Aug 24 22:28:17 GMT 2005

>> Hello,
>> On Thu, Aug 25, 2005 at 12:35:24AM +0300, Toomas Laasik wrote:
>> > Hello,
>> > I have the following situation. Our company has a ssh server where users can connect from only specified static ip addresses. Like I have at home an ip address and ssh server accepts
>> connections only from it.
>> > Now I wan't to get access to that ssh server from places where I don't have static ip.
>> > I already have at home a freebsd server running with simple configutation. Is it possible to make some kind of tunnel or something so I could connect to my home freebsd machine that connects to
>> ssh server so that ssh server 'thinks' that I'm connecting from home?
>> >
>> > Thank you in advance.
>> >
>> > Sorry for bad English
>> >
>> > Toomas
>> >
>> Why don't you ssh into your home pc with static ip from your pc with dynamic ip
>> and then ssh from your home machine into your "server"?

> Using just ssh is no a problem. The machine with dynamic IP has WinXP and Putty on it. Setting remote command in Putty to "ssh user at" eliminates even the need to type it in in putty
> ssh console...
> Anyway the problem comes when I want to use FileZilla to make SFTP connection over SSH2 connection through home computer. I've tried Putty's tunneling, but the other end of that tunnel is still my
> home computer even tho my home computer is connected to www server with ssh.
> So my approach is to find out how can I set something up on my home freebsd machine so that connecting to some port on it, it connects to www server ssh port.

> Toomas



You could build up a VPN (OpenVPN comes to my mind) between your home and your
roaming machine, set your home BSD machine up to act as a NAT gateway
from the VPN to the World and then make a route on your roaming
machine to the effect of using your home machine as the gateway for
connecting to your office IP.

I would guess that some combination of port forwarding (done
in the Firewall) and NAT could also allow you to achieve your goal.

But I like VPN solutions.


More information about the freebsd-questions mailing list