SSH + firewall

[Pallas Giorgos]

Αναφορά σε... Sotiris Tsimbonis <stsimb at hellug.gr>:

> On Tue, 26 Dec 2000, Giorgos Pallas wrote:
> > Esto exoume ena mixanima A piso apo firewall pou ylopoieitai me
> access-lists
> > ston router. To firewall DEN epitrepei ssh apo ekso.Sto mixanima A
> exoume
> > kanoniko logariasmo, shell ktl. Yparxei kanenas tropos me forwarding
> ontas
> > ap'ekso na anoiksoume shell sto A ??
> 
> An o router afhnei ssh pros ta e3w, tote xreiazesai apla ena shell se
> allo
> mhxanima pou exei ssh. Sto mhxanima A (estw me IP 10.11.12.13) trexeis:
> ssh allo.mhxanima.gr -R 30000:10.11.12.13:22
> 
> kaneis login sto allo.mhxanima.gr kai afhneis to shell sou idle..
> 
> meta mporeis na mpeis sto 10.11.12.13 apo opoudhpote..
> ssh -p 30000 allo.mhxanima.gr
> 

File Sotiri euxaristo poly, leitourgise. An kai ypotheto logo configuration ton 
ssh servers sta mixanimata synantisa diafora mikroempodia, opos :
1. Eno logika tha eprepe na mporo apo ena mixanima X na kano ssh -p 30000 
allo.mixanima.gr opote i syndesi sto port 30000 tha ginotan forwarding sto port 
22 tou firewalled mixanimatos, etroga ena minima oti secure connection to port 
30000 refused. Giati arrage to mixanima allo.mixanima.gr den me afine na 
syndetho? [ennoeitai oti exo logariasmo se ola ta anaferomena mixanimata] To 
zitima "lythike" giati mpaino sto allo.mixanima.gr kai dino ssh -p 30000 
localhost kai OK. An doso ssh -p 30000 allo.mixanima.gr den paizei. Periergo?

Skeftomoun ystera oti o tyxon malicious administrator tou allou.mixanimatos.gr 
ypokleptei (kryfokoitontas remotely to virtual termatiko mou, ginete ee?) tin 
passphrase mou, kanei login san ego, kai pernaei sto firewall...

Kales Giortes

Giorgos Pallas