[ale] ssh -R (was Re: Have I been hacked?)

Ed Cashin ecashin at noserose.net
Fri Jan 9 12:31:31 EST 2009


On Fri, Jan 9, 2009 at 9:40 AM, Chris Kleeschulte
<chris.kleeschulte at it.libertydistribution.com> wrote:
> I use -R extensively to open "holes" in a firewall. It works nicely
> since I have to deal with customers that are behind NAT devices all
> the time and I cannot or will not log in to the admin account on the
> router.
>
>
> I just email them a small program that does this. I wrote an article
> on this:
>
>
> http://kleeschulte.blogspot.com/2007/09/how-to-create-reverse-ssh-tunnel.html

Neat article, thanks.  :)

I can set up the tunnel but not use it.  On the "customer computer"
(using the terminology from your article) I added "-v" to the ssh
command and see ...

  debug1: client_request_forwarded_tcpip: listen localhost port 1100, originator 127.0.0.1 port 57015
  debug1: channel 0: new [127.0.0.1]
  debug1: confirm forwarded-tcpip
  debug1: channel 0: not connected: Connection refused
  debug1: channel 0: free: 127.0.0.1, nchannels 1

On the other "remote" machine, I can see the listening
port.

  meili:~# lsof -i | grep :1100
  sshd      4030     ecashin    8u  IPv4  18706       TCP localhost:1100 (LISTEN)
  sshd      4030     ecashin    9u  IPv6  18707       TCP ip6-localhost:1100 (LISTEN)

Maybe I need to fiddle
with /etc/hosts.allow on the customer machine.  It has the line,

  sshd: 127.0.0. : allow

... which ought to work, but meh.

-- 
  Ed Cashin <ecashin at noserose.net>
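
An added example, not part of the original message or of OpenSSH: a small Python parser that pairs each `client_request_forwarded_tcpip` request in `ssh -v` output with its channel and reports any `not connected` error, which the ssh client logs when its own connection to the forward's destination fails. The function name and record layout are hypothetical, and the sample input is constructed from the debug lines quoted above.

```python
import re

# Constructed sample: the `ssh -v` lines quoted in the message above,
# with the mail-wrapped first line rejoined.
SAMPLE = """\
debug1: client_request_forwarded_tcpip: listen localhost port 1100, originator 127.0.0.1 port 57015
debug1: channel 0: new [127.0.0.1]
debug1: confirm forwarded-tcpip
debug1: channel 0: not connected: Connection refused
debug1: channel 0: free: 127.0.0.1, nchannels 1
"""

REQUEST = re.compile(r"client_request_forwarded_tcpip: listen (\S+) port (\d+), "
                     r"originator (\S+) port (\d+)")
NEW = re.compile(r"channel (\d+): new \[")
FAILED = re.compile(r"channel (\d+): not connected: (.+)")
FREE = re.compile(r"channel (\d+): free:")


def summarize_forwards(log):
    """Return one dict per forwarded-tcpip channel seen in `ssh -v` output."""
    pending = None   # request seen, channel number not yet known
    live = {}        # channel id -> record still open
    done = []        # records whose channel was freed
    for line in log.splitlines():
        if m := REQUEST.search(line):
            pending = {"listen": (m[1], int(m[2])),
                       "originator": (m[3], int(m[4])),
                       "channel": None, "error": None}
        elif (m := NEW.search(line)) and pending:
            pending["channel"] = int(m[1])
            live[pending["channel"]] = pending
            pending = None
        elif (m := FAILED.search(line)) and int(m[1]) in live:
            live[int(m[1])]["error"] = m[2].strip()
        elif (m := FREE.search(line)) and int(m[1]) in live:
            done.append(live.pop(int(m[1])))
    return done + list(live.values())  # include channels never freed


if __name__ == "__main__":
    for rec in summarize_forwards(SAMPLE):
        host, port = rec["listen"]
        outcome = rec["error"] or "no error logged"
        print(f"channel {rec['channel']}: remote listener {host}:{port} -> {outcome}")
```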

