[TriLUG] SSHD listen on external interface ONLY

Alan Porter porter at trilug.org
Tue Nov 28 11:37:50 EST 2006


I have a mail server at home, and I want to be able to listen
to port 25 on another machine at a hosting facility.  Currently,
I use "rinetd" to forward connections from the hosted machine
to my home machine.  That works great, with a few quirks:
 - I have to open up a port on my home machine to accept
   connections from rinetd (remember, some ISPs block some
   incoming ports).
 - All incoming connections appear to come from my remote machine;
   the original connecting IP is lost in the process (but at least
   rinetd is nice enough to log it).
 - If my home address is not resolvable, or if my IP address
   changes, rinetd fails. [1]

Instead, I would like to try this with an SSH tunnel:

   home$ ssh -R 25:localhost:25 root@remote.domain.com -g -N &

The problem is, when I use the "-g" option to listen on all
interfaces, it interferes with postfix which is already running
on the remote machine (listening on lo only).

For the time being, let's assume that we want to leave postfix
running on the remote server.

So here's my question: can I tell the remote sshd to listen on
a specific interface and not all interfaces?  Is there some
option that I can pass to ssh to do this?


Alan




[1] If my DSL service goes out at home, I can use my neighbor's
WLAN to get out to the internet via his cable modem.  SSH works in
this case, because the connection is going OUT from my home through
my neighbor's network to the remote site.  Same thing would work if
I were traveling and I wanted to take my mail server with me.
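
The bind conflict described in the post, shown at the socket level as an added example that is not part of the original message: a wildcard listener cannot be opened on a port where a loopback-only listener already exists, while a listener bound to one specific address can. Assumptions: Linux socket semantics, 127.0.0.2 as a constructed stand-in for the external interface address, a kernel-chosen port standing in for 25, and hypothetical function names.

```python
import errno
import socket

LOOPBACK = "127.0.0.1"   # where the existing mail server listens (lo only)
SPECIFIC = "127.0.0.2"   # constructed stand-in for the external interface address
WILDCARD = "0.0.0.0"     # what "listen on all interfaces" binds to


def listen_on(addr, port):
    """Open a TCP listener on addr:port and return the socket."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind((addr, port))
        s.listen(5)
    except OSError:
        s.close()
        raise
    return s


def try_listen(addr, port):
    """Return 'ok' if addr:port can be bound, otherwise the errno name."""
    try:
        listen_on(addr, port).close()
        return "ok"
    except OSError as exc:
        return errno.errorcode.get(exc.errno, str(exc.errno))


def demo():
    """Hold a loopback-only listener, then try three other binds on its port."""
    existing = listen_on(LOOPBACK, 0)      # port 0: kernel picks a free port
    port = existing.getsockname()[1]
    try:
        return {
            "wildcard": try_listen(WILDCARD, port),  # overlaps the loopback bind
            "specific": try_listen(SPECIFIC, port),  # distinct address, no overlap
            "loopback": try_listen(LOOPBACK, port),  # same address, same port
        }
    finally:
        existing.close()


if __name__ == "__main__":
    for bind, result in demo().items():
        print(f"{bind:9s} -> {result}")
```

In OpenSSH the corresponding controls are the optional bind_address in `-R [bind_address:]port:host:hostport` and the server's `GatewayPorts` setting in sshd_config.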





