From owner-freebsd-questions@FreeBSD.ORG Sun Aug 8 05:45:12 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4795D106566C for ; Sun, 8 Aug 2010 05:45:12 +0000 (UTC) (envelope-from david@skytracker.ca) Received: from 3s1.com (3s1.com [209.161.205.12]) by mx1.freebsd.org (Postfix) with ESMTP id D27EB8FC0C for ; Sun, 8 Aug 2010 05:45:11 +0000 (UTC) Received: from [216.66.131.91] (216-66-131-91.dsl.look.ca [216.66.131.91]) (authenticated bits=0) by 3s1.com (8.13.8/8.13.8) with ESMTP id o785j7sS028021; Sun, 8 Aug 2010 01:45:09 -0400 (EDT) (envelope-from david@skytracker.ca) Message-ID: <4C5E445E.3090101@skytracker.ca> Date: Sun, 08 Aug 2010 01:45:02 -0400 From: David Banning User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2 MIME-Version: 1.0 To: Steven Susbauer References: <8cb14ab2da609fa44d278cee5ce5c737.squirrel@sq.3s1.com> <4C5DF9EC.8010101@too1337.com> In-Reply-To: <4C5DF9EC.8010101@too1337.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Sun, 08 Aug 2010 11:04:57 +0000 Cc: freebsd-questions@freebsd.org Subject: Re: forwarding ssh X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Aug 2010 05:45:12 -0000 Thanks for that Steven. Connecting this way is only a deviation from the usually connection we use. I have several users you have X-win32 configured on their laptops on the road. I was hoping to make this change invisible to each existing user and their setup since we will be going back to the previous direct X-Win32 ssh connection soon. I'll look at the -R option that you mentioned which I was not aware of. On 8/7/2010 8:27 PM, Steven Susbauer wrote: > On 08/07/10 16:23, David Banning wrote: >> I presently am using Putty and X-Win32 and I am connecting to a remote >> machine successfully. >> >> I now need to connect using SSH over the internet -through- one machine, >> but have my SSH with a second machine on the same site - something like >> so; >> >> ssh-site1 --(internet)---> site2-(also 192.168.1.1)--> >> loc2-(192.168.1.50) >> >> I need to bridge the connection from 192.168.1.1 to 192.168.1.50 >> so I've tried in ipnat; >> > > If I hear you right, you're trying to connect to site2 over the > internet, and also connect to loc2 through the connection on site2. > > SSH can create a tunnel itself. You could use something like: > 'ssh -L 2200:loc2:22 user@site2' > > This would connect you to a shell on site2. Then on your machine open > another terminal and type: > 'ssh -p 2200 user@localhost' which would connect to loc2 port 22 using > the connection on site2. If you try to close the connection to site2, > it won't work since you're still connected to loc2. > > ssh also supports forwarding a port on the remote server using -R, but > I'm led to believe you are trying to limit the connections that get > through the site2 to loc2 and -L requires you (or someone else) to be > on local system. > > In putty this same feature is configured under Connection > SSH > > Tunnels. >