[TriLUG] sftp/ssh to boxes behind a firewall

John F. Davis davis at trilug.org
Wed Apr 4 11:13:38 EDT 2007


On Wed, Apr 04, 2007 at 08:16:06AM -0400, Roy Vestal wrote:
> I'm looking for the best/easiest way to do this.
> 

> Currently, I ssh to machine 1, then have to ssh to machine 2. Is there 
> any way, using ssh to create a kind of tunnel like I can with vnc over 


Hello Roy,

You can run ssh on the box behind the firewall on the normal port.  Simply
add a firewall rule that redirects traffic from a nonstandard port to
the box.  

i.e. port 2230 goes to ip x.x.x.30 port 22
     port 2231 goes to ip x.x.x.31 port 22

etc.

Here is an example which routes telnet to a "server" which then forwards
it to a "target".

[0:0] -A PREROUTING -i ! eth1 -p tcp -m tcp --dport 6730 -j DNAT --to-destination 192.168.0.30:23
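
The per-box port scheme from this reply, written out as an added example (not part of the original post): a shell script that prints the DNAT rules in iptables-restore form for ports 2230 and 2231, plus matching client-side ssh_config entries. The interface eth1 and the 192.168.0 prefix are taken from the telnet rule above; the firewall name firewall.example.org and the box30/box31 aliases are assumptions.

```shell
#!/bin/sh
# Added example: external port 22NN on the firewall -> 192.168.0.NN port 22.
LAN_IF=eth1              # internal interface, as in the telnet rule above
LAN_PREFIX=192.168.0     # internal prefix, as in the telnet rule above

# valid_octet N: succeed only for a plain decimal host octet 1..254.
# Leading zeros are rejected so the shell never reads N as octal.
valid_octet() {
    case "$1" in
        ''|*[!0-9]*|0*|????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 254 ]
}

# ext_port N: external port for host octet N (30 -> 2230).
ext_port() {
    echo $((2200 + $1))
}

# nat_rules OCTET...: print a *nat fragment for iptables-restore.
# All octets are validated first, so a bad one yields no partial ruleset.
nat_rules() {
    for o in "$@"; do
        valid_octet "$o" || { echo "bad host octet: $o" >&2; return 1; }
    done
    echo '*nat'
    for o in "$@"; do
        echo "-A PREROUTING ! -i $LAN_IF -p tcp -m tcp --dport $(ext_port "$o") -j DNAT --to-destination $LAN_PREFIX.$o:22"
    done
    echo 'COMMIT'
}

# ssh_config FIREWALL OCTET...: print client-side Host entries.
# HostKeyAlias stores each box's host key under its own known_hosts name,
# since every box is reached through the same firewall address.
ssh_config() {
    fw=$1; shift
    for o in "$@"; do
        valid_octet "$o" || { echo "bad host octet: $o" >&2; return 1; }
        printf 'Host box%s\n    HostName %s\n    Port %s\n    HostKeyAlias box%s\n\n' \
            "$o" "$fw" "$(ext_port "$o")" "$o"
    done
}

# Constructed sample run: the two boxes named in the reply.
nat_rules 30 31
ssh_config firewall.example.org 30 31
```

With the printed Host entries in ~/.ssh/config, `ssh box30` and `sftp box30` go straight to the box behind the firewall.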



