Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Binding ssh to a loopback address

from [Stephen Cooke (KN)] Network Security [Permanent Link]
Subject: RE: Binding ssh to a loopback address
Date: Mon, 9 May 2005 17:09:13 +0100 
I have the following as web proxy server lives somewhere deep in the network
totally blocked from use by normal access,
I have found that if you put the -N option and -f it allows the startup of
the box to call the forward.( without it you get some odd results)

/etc/rc3.d/S99zforward
su - <ID> -c "ssh  -f -N -L8080:<PUBLIC>:8080 localhost -g -l <ID>"

replace <ID> with a none root localuser.
replace <PUBLIC> with the IP you wish to forward to.

-L listen-port:host:port   Forward local port to remote address
-l user     Log in using this user name.
-f fork into background after authentication.
-N Do not execute a shell or command
-g globally advertize the port ( required for other machines)

good luck and dont do the forward as root unless you have to.

-----Original Message-----
From: Logu [mailto:logsnaath@gmail.com]
Sent: 07 May 2005 05:19
To: secureshell@securityfocus.com
Cc: CP Lim
Subject: Re: Binding ssh to a loopback address





I was trying to forward a remote port to one at local (but not 127.0.0.1) 
by doing :

ssh -b 127.0.0.2 -L80:localhost:80 remotehost

but got :

ssh: connect to host d2 port 80: No route to host



I think you  should have an interface with IP 127.0.0.2 up before doing the 
port forwarding.



-- 
Internal Virus Database is out-of-date.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.8.4 - Release Date: 27/03/2005
 

-- 
Internal Virus Database is out-of-date.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.8.4 - Release Date: 27/03/2005
 

------------------------------------------------------------------------------
Altogether Better
www.telewest.co.uk


The information transmitted is intended only for the person or entity to which 
it is addressed and may contain confidential and/or privileged material.
Statements and opinions expressed in this e-mail may not represent those of the 
company. Any review, retransmission, dissemination or other use of, or taking 
of any action in reliance upon, this information by persons or entities other 
than the intended recipient is prohibited. If you received this in error, 
please contact the sender immediately and delete the material from any computer.

==============================================================================
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: remote ssh for root, Mark Senior
Next by Date:  Re: bash_logout and sftp, Eloi Granado
Previous by Thread:  Re: Binding ssh to a loopback address, Chen Peng Lim
Next by Thread:  Bothersome public key SCP implementations.., theta
Indexes:  [Date] [Thread] [Top] [All Lists]