[arch-general] SSH Tunnel doubts

David J. Haines dhaines at gmail.com
Tue Jul 19 09:26:47 EDT 2011 

On Tue, Jul 19, 2011 at 8:01 AM, Sven-Hendrik Haase <sh at lutzhaase.com>wrote:

> On 07/19/2011 01:49 PM, David J. Haines wrote:
>
>> On Mon, Jul 18, 2011 at 8:57 PM, Daniel Hilst Selli
>> <danielhilst at gmail.com>wrote:
>>
>>  Em 18-07-2011 18:14, Sven-Hendrik Haase escreveu:
>>>
>>>  On 07/18/2011 10:03 PM, David J. Haines wrote:
>>>
>>>> And yet, it doesn't touch on forwarding of anything other than X11 data.
>>>>>
>>>>> To answer the original question, you're missing the host you're trying
>>>>> to
>>>>> connect to, but I'll fill in the blanks
>>>>>
>>>>> ssh -L X:host1:Y host2 means open a connection to host2, including
>>>>> shell,
>>>>> and forward anything sent to localhost on port X to host1 on port Y.
>>>>> Host1
>>>>> and host2 can be the same machine. This comes in useful for things like
>>>>> forwarding VNC securely, e.g. ssh -L 60000:remotevncserver:5901
>>>>> remotevncserver and then connecting to the vncserver at localhost:60000
>>>>>
>>>>> ssh -R X:host1:Y host2 means open a connection to host2, including
>>>>> shell,
>>>>> and then host2 should listen on port X for connections, which it will
>>>>> then
>>>>> send back to your local host, which will forward the connection on to
>>>>> host1
>>>>> on port Y.
>>>>>
>>>>> In your example you're missing the host you're connecting to, but I can
>>>>> tell
>>>>> you that:
>>>>>
>>>>> ssh 192.168.1.200
>>>>> ssh -L 1000:192.168.1.100:2000 192.168.1.100
>>>>>
>>>>> when you start from 192.168.1.100 is functionally equivalent to
>>>>>
>>>>> ssh -R 1000:192.168.1.100:2000 192.168.1.200
>>>>>
>>>>> when you start from 192.168.1.100, in that both solutions will forward
>>>>> a
>>>>> connection from 192.168.1.200:1000 to 192.168.1.100:2000 (I didn't use
>>>>> the
>>>>> port 22 from your example, as that would imply that ssh wasn't running
>>>>> there, so you'd need to use -p and other messiness).
>>>>>
>>>>> Hope this helps,
>>>>>
>>>>> David J. Haines
>>>>> dhaines at gmail.com
>>>>>
>>>>>
>>>>> On Mon, Jul 18, 2011 at 3:12 PM, Jeffrey Lynn Parke Jr.<
>>>>> jeffrey.parke at gmail.com>   wrote:
>>>>>
>>>>>  On Mon, Jul 18, 2011 at 2:05 PM, Daniel.<danielhilst at gmail.com>
>>>>> wrote:
>>>>>
>>>>>>  I have some doubts about traffic forwarding
>>>>>>
>>>>>>> Supposing that my IP is 192.168.1.100
>>>>>>> and the remote is 192.168.1.200
>>>>>>>
>>>>>>> is this ->   ssh -R 1000:192.168.1.200:22
>>>>>>> the same as this:
>>>>>>> ssh 192.168.1.200
>>>>>>> ssh -L 1000:192.168.1.100:22
>>>>>>>
>>>>>>>
>>>>>>> ???
>>>>>>>
>>>>>>> --
>>>>>>> *"Do or do not. There is no try"*
>>>>>>> *  **Yoda Master*
>>>>>>>
>>>>>>>
>>>>>>>  You may want to read the wiki article for ssh.
>>>>>> https://wiki.archlinux.org/****index.php/SSH<https://wiki.archlinux.org/**index.php/SSH>
>>>>>> <https://wiki.**archlinux.org/index.php/SSH<https://wiki.archlinux.org/index.php/SSH>
>>>>>> >
>>>>>>
>>>>>>
>>>>>> It is very detailed.
>>>>>>
>>>>>>
>>>>>> --
>>>>>> "Breath Deeply and Dream"
>>>>>>
>>>>>>  Please put that in the SSH article! Also, please bottom post from now
>>>>>>
>>>>> on.
>>>>
>>>> -- Sven-Hendrik
>>>>
>>>>  Thanks for all helping .. I got it.. I was using putty and that mess up
>>> the
>>> syntax up my head..
>>>
>>> Thanks David, your explanation was really clarifying
>>>
>>> --
>>> "Do or do not... there is no try" Yoda Master
>>>
>>>  My pleasure, and there's now a section on generic forwarding on the
>> wiki,
>> right beneath the X11 forwarding section. I also included a bit about
>> acting
>> as a forwarding gateway.
>>
>> David J. Haines
>> dhaines at gmail.com
>>
> Your contribution to Arch World Domination Enterprises has been received
> and a company associate has been dispatched to your location with champagne
> and a party hat.
>
If it's to be as timely as is the current install ISO, I won't hold my
breath. ;)


David J. Haines
dhaines at gmail.com

More information about the arch-general mailing list