Re:all You can have something running on the machine you want to SSH to that updates the machine with a fixed IP what its' IP is and have a firewall rule or some other way to redirect specific traffic like for instance traffic to TCP:22222 from that machine to the IP that it was updated to be....
2014-07-20 14:33 GMT+03:00 Erez D <erez0...@gmail.com>: > On Sun, Jul 20, 2014 at 1:30 PM, Yedidyah Bar David > <linux...@didi.bardavid.org> wrote: > > If you just want an ssh connection you can simply redirect connection > > attempts to some port on the > > Internet-accessible machine to port 22 on the private-ip one - using > > whatever tool that fits you best - > > iptables, xinetd, redir, probably many others. > > -- > > Didi > > i do not understand what do you mean > > > > > > 2014-07-20 13:31 GMT+03:00 Erez D <erez0...@gmail.com>: > >> > >> looks a little complicated - extra ssh server, firewall with port > knocking > >> all this for a ssh connection ... > >> > >> On Sun, Jul 20, 2014 at 11:38 AM, Rabin Yasharzadehe <ra...@rabin.io> > >> wrote: > >> > you can add a port-knocking tool like fwknop to add a dynamic rule to > >> > forward your connection into the privet machine. > >> > > >> > -- > >> > Rabin > >> > > >> > > >> > On Sun, Jul 20, 2014 at 12:16 PM, Erez D <erez0...@gmail.com> wrote: > >> >> > >> >> On Sun, Jul 20, 2014 at 11:06 AM, Lior Kaplan <kaplanl...@gmail.com> > >> >> wrote: > >> >> > Didn't check it, but login in with a user who has /bin/true might > do > >> >> > the > >> >> > trick. > >> >> you are correct, it works. > >> >> however it is still a security risk, as this means the client may > >> >> listen on unused port ... > >> >> > >> >> > > >> >> > Kaplan > >> >> > > >> >> > > >> >> > On Sun, Jul 20, 2014 at 12:03 PM, Erez D <erez0...@gmail.com> > wrote: > >> >> >> > >> >> >> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan < > kaplanl...@gmail.com> > >> >> >> wrote: > >> >> >> > ssh itself ? > >> >> >> > > >> >> >> > http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/ > >> >> >> nice, however this requires me to give access to my server, which > i > >> >> >> do > >> >> >> not want ... > >> >> >> (or, can i give people permission to ssh to my server only for > >> >> >> reverse > >> >> >> tunnels and no shell ?) > >> >> >> > >> >> >> > > >> >> >> > Kaplan > >> >> >> > > >> >> >> > > >> >> >> > On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0...@gmail.com> > >> >> >> > wrote: > >> >> >> >> > >> >> >> >> hello > >> >> >> >> > >> >> >> >> i have a linux machine with a private ip connected to the > >> >> >> >> internet > >> >> >> >> i have a public ip and need to ssh to the linux box > >> >> >> >> > >> >> >> >> any tools for that ? > >> >> >> >> > >> >> >> >> _______________________________________________ > >> >> >> >> Linux-il mailing list > >> >> >> >> Linux-il@cs.huji.ac.il > >> >> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il > >> >> >> > > >> >> >> > > >> >> > > >> >> > > >> >> > >> >> _______________________________________________ > >> >> Linux-il mailing list > >> >> Linux-il@cs.huji.ac.il > >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il > >> > > >> > > >> > >> _______________________________________________ > >> Linux-il mailing list > >> Linux-il@cs.huji.ac.il > >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il > > > > > > _______________________________________________ > Linux-il mailing list > Linux-il@cs.huji.ac.il > http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il >
_______________________________________________ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
