[ale] Overcoming the firewall...

James CE Johnson jcej at tragus.org
Fri Aug 15 23:17:52 EDT 2003 

Michael D. Hirsch wrote:

>On Friday 15 August 2003 04:56 pm, James CE Johnson wrote:
>
>  
>
>>When I'm at home I cannot access my office desktop at all. This is where
>>I need ALE's help.
>>
>>What I *can* do is use 'ssh -R 2200:localhost:22 myPublicServer' from
>>the office desktop to connect to my public server and create a socket
>>there listening on 2200 and forwarding to 22 on the office desktop. Then
>>I drive home, login to the public box and invoke 'ssh -p 2200' to
>>connect back to the office box. I don't particularly like this because
>>(a) now 2200 is open on that public box for anyone (on my public
>>network) to connect to and (b) I really want access from my development
>>box, not from my public box.
>>    
>>
>
>Last month's Linux Journal (I think.  Maybe it was somewhere else 
>entirely.) had exactly the solution to this.  There is a tool who's name I 
>forget that will effectively do ppp over ssh.  So you set up the ssh 
>tunnel between you home and office and then you can route office traffic 
>through the ppp tunnel.
>

Hrm... I don't really want a ppp tunnel although could probably use the 
same technique. I honestly just need to be able to ssh back to the 
office box. I don't want to have to trust that the office box is (or 
remains) secured to the point that it won't be a route for folks into my 
trusted network.

>
>The really cute part was at the end of the article.  You set up you office 
>box to check to see whether your home system is up evry minute.  Most of 
>the time it isn't, but when you boot your home system it makes a secure 
>ssh connection and then starts up the new network interface between the 
>two systems.
>

Ya. But I *want* to have to type in the password(s) to establish the 
connection. In fact, I don't want the office box to ever get connected 
unless I'm sitting there doing it on purpose.

>
>I'll try to look it up this weekend.
>

That would be great. It doesn't sound like I can use it directly but 
maybe it'll clue me in on the right direction.

>
>Michael
>
>  
>

Thanks!
James

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list