Protocol Encapsulation
Howard Lowndes
lannet at lannet.com.au
Sun Aug 5 09:47:28 EST 2001
Certainly the port has to be open at the server end, but you can lock it
behind a firewall. That way you need only have port 22 (ssh) accessible
through the firewall yet have any services/ports available behind the
firewall.
At the client the syntax is:
ssh -L <port_on_client>:<server>:<port_on_server> <ssh_firewall>
--
Howard.
LANNet Computing Associates
Contact detail at http://www.lannetlinux.com
On Sat, 4 Aug 2001, Mark Hummel wrote:
> Hi,
>
> I want to be able to "wrap up" access to a service on my machine,
> forcing anything to go through the same wrapper. That way I don't have to
> have a separate TCP wrapper for each service that I want.
>
> For example, consider telnet. I don't simply want to add the service in
> inetd.conf - I want to force users to go via ssh. Ssh port forwarding
> doesn't seem to do the trick, because the port I forward to has to be
> open, does it not?
>
> And, if the port has to be open, users can connect to the port directly.
>
> Any advice?
>
> Thanks,
>
> mark.
>
>
>
More information about the linux
mailing list