FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 10-14-2011, 04:13 AM
"KC8LDO"
 
Default Remote access

Is there a way to use ssh to get through a firewall for remote access to a
system? The situation I'm looking at is a Fedora system sitting behind a
company firewall, which I have no control over, that I wish to gain access
to by logging into it over the Internet from a remote computer. In other
words the connection is initiated from outside of the firewalled company
network.

What I'm thinking is using ssh to forward a port, 3389, to another computer
on my own private network (also behind a firewall and NAT router) at home
acting as a middle man. Then from another computer, lets say at a hotel,
logging in to the same computer on my private home network and have it pass
traffic bidirectionaly between the two end point computers.

Is this something than can be done using ssh and if so how? I would also
like to have the remote Fedora system connection to the middle man computer
remain even if the remote computer is not connected.

Regards,

Leland C. Scott
KC8LDO

"The most reliable components
are the ones you leave out."

Gordon Bell, father of the
minicomputer at DEC.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-14-2011, 04:32 AM
Scott Rouse
 
Default Remote access

On Oct 14, 2011 12:13 AM, "KC8LDO" <kc8ldo@arrl.net> wrote:

>

> Is there a way to use ssh to get through a firewall for remote access to a

> system? The situation I'm looking at is a Fedora system sitting behind a

> company firewall, which I have no control over, that I wish to gain access

> to by logging into it over the Internet from a remote computer. In other

> words the connection is initiated from outside of the firewalled company

> network.

>

> What I'm thinking is using ssh to forward a port, 3389, to another computer

> on my own private network (also behind a firewall and NAT router) at home

> acting as a middle man. Then from another computer, lets say at a hotel,

> logging in to the same computer on my private home network and have it pass

> traffic bidirectionaly between the two end point computers.

>

> Is this something than can be done using ssh and if so how? I would also

> like to have the remote Fedora system connection to the middle man computer

> remain even if the remote computer is not connected.

>

> Regards,

>

> Leland C. Scott

> KC8LDO

>

> "The most reliable components

> *are the ones you leave out."

>

> Gordon Bell, father of the

> minicomputer at DEC.

>

> --

> users mailing list

> users@lists.fedoraproject.org

> To unsubscribe or change subscription options:

> https://admin.fedoraproject.org/mailman/listinfo/users

> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


There are many companies that would frown upon doing what you are proposing.* I would suggest that you talk to your network/firewall admin and see if they will make an allowance for you.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-14-2011, 06:39 AM
Alain Spineux
 
Default Remote access

On Fri, Oct 14, 2011 at 6:13 AM, KC8LDO <kc8ldo@arrl.net> wrote:
> Is there a way to use ssh to get through a firewall for remote access to a
> system? The situation I'm looking at is a Fedora system sitting behind a
> company firewall, which I have no control over, that I wish to gain access
> to by logging into it over the Internet from a remote computer. In other
> words the connection is initiated from outside of the firewalled company
> network.
>
> What I'm thinking is using ssh to forward a port, 3389, to another computer
> on my own private network (also behind a firewall and NAT router) at home
> acting as a middle man. Then from another computer, lets say at a hotel,
> logging in to the same computer on my private home network and have it pass
> traffic bidirectionaly between the two end point computers.
>
> Is this something than can be done using ssh and if so how? I would also
> like to have the remote Fedora system connection to the middle man computer
> remain even if the remote computer is not connected.

tcpproxyreflector does exactly what you want. Install it on the 3
computers and run it :

- as a server at home, to get connection from the the client and console
- as the client at work, to open and keep the the connection open with home
- as a console on your laptop at the hotel to activate a tunnel and
connect through SSH or directly on port "3389" to another computer
inside the company.

http://blog.magiksys.net/software/tcp-proxy-reflector

Have fun

>
> Regards,
>
> Leland C. Scott
> KC8LDO
>
> "The most reliable components
> *are the ones you leave out."
>
> Gordon Bell, father of the
> minicomputer at DEC.
>
> --
> users mailing list
> users@lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>



--
Alain Spineux * * * * * * * * * | *aspineux gmail com
Monitor your iT & Backups | *http://www.magikmon.com
Free Backup front-end * * * | http://www.magikmon.com/mksbackup
Your email 100% available | *http://www.emailgency.com
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-14-2011, 11:05 AM
Marko Vojinovic
 
Default Remote access

On Friday 14 October 2011 05:13:53 KC8LDO wrote:
> Is there a way to use ssh to get through a firewall for remote access to a
> system? The situation I'm looking at is a Fedora system sitting behind a
> company firewall, which I have no control over, that I wish to gain access
> to by logging into it over the Internet from a remote computer. In other
> words the connection is initiated from outside of the firewalled company
> network.
>
> What I'm thinking is using ssh to forward a port, 3389, to another computer
> on my own private network (also behind a firewall and NAT router) at home
> acting as a middle man. Then from another computer, lets say at a hotel,
> logging in to the same computer on my private home network and have it pass
> traffic bidirectionaly between the two end point computers.
>
> Is this something than can be done using ssh and if so how? I would also
> like to have the remote Fedora system connection to the middle man computer
> remain even if the remote computer is not connected.

You want to look into OpenVPN. It does take some time to read the docs and set
it up, but it's worth it.

http://openvpn.net/index.php/open-source.html

Essentially, it adds a virtual ethernet device (called tap) to each machine,
and connects these into a virtual LAN. From that point on you can do whatever
you want, as if the machines were next to each other in the same room,
connected to an ethernet switch.

It may happen that the default openvpn port is blocked by the company firewall.
In that case just reconfigure your machines to use openvpn on some port that is
not blocked. Other than that, openvpn will work for you all over the globe,
and it is completely under your control.

Best, :-)
Marko

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-14-2011, 11:26 AM
Marko Vojinovic
 
Default Remote access

On Friday 14 October 2011 05:32:23 Scott Rouse wrote:
> On Oct 14, 2011 12:13 AM, "KC8LDO" <kc8ldo@arrl.net> wrote:
> > Is there a way to use ssh to get through a firewall for remote access to
> > a system? The situation I'm looking at is a Fedora system sitting behind
> > a company firewall, which I have no control over, that I wish to gain
> > access to by logging into it over the Internet from a remote computer.
> > In other words the connection is initiated from outside of the
> > firewalled company network.
>
> There are many companies that would frown upon doing what you are
> proposing. I would suggest that you talk to your network/firewall admin
> and see if they will make an allowance for you.

True, and that is usually the best option. The drawback being that you are
putting yourself at mercy of the firewall admin, who might be lazy,
incompetent, or ignorant (which is sometimes the case), or have a boss that is
one of those things (which is the case quite often).

However, every serious firewall admin should know that the firewall is a one-way
barrier, protecting local users from the outside attack, and having in
principle no way to protect the outside world from the local user. Or in the
words of the firewall-piercing HOWTO
( http://tldp.org/HOWTO/Firewall-Piercing ):

<quote>
A firewall cannot protect a network against its own internal users, and should
not even try to.
</quote>

So, if the OP asks his admin to allow him the access, and is refused, I think
it is perfectly legitimate to DIY and pierce a connection through.

Best, :-)
Marko





--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 09:33 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org