Mailinglist Archive: opensuse (2459 mails)
| < Previous | Next > |
Re: [opensuse] ssh port forwarding + router = headache
- From: Jason Craig <jacraig@xxxxxxxxxx>
- Date: Mon, 17 Mar 2008 17:05:20 -0600
- Message-id: <47DEF930.1010102@xxxxxxxxxx>
ka1ifq wrote:
I was under the impression that there is no need to open port 1234 in this case, that being one of the reasons behind using the SSH tunnel; the other being that the data is encrypted when transported of the interwebs. Does the ssh tunneling not work as I interpret it?
My interpretation, given by various web literature and 'man ssh' tells me that data sent by a client connected on a socket of the 1234 port of the local computer is sent encrypted across the SSH socket (port 22) and is received by the host computer on the SSH socket (like any other data/commands in an SSH session) and the SSH daemon on the host computer is connected ('locally; with respect to the host) to a socket on the1234 port of the host computer, and since my openSUSE firewall on the host is not set to filter the "local" zone, I do not need to open the 1234 port. At any rate, opening this port does not help.
Thanks,
--Jason
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
On Friday 14 March 2008 07:30:18 pm you wrote:
<snip> I can SSH to the the domainYou say you opened the ssh port (22), did you open port 1234 that you defined on the command line for the tunnel??
name and it works just fine, doing exactly as I expect.
However, once I try to "tunnel" or "forward" a port like so
ssh -L 1234:domain:1234 -N domain -l user
It prompts me for a password and logs in fine, but I can't get the
client program to connect with the server (through localhost:1234).
However, if I am on the local network and do the following
ssh -L 1234:192.168.X.X:1234 -N 192.168.X.X -l user
, which works fine, it logs in and my client program connects (through
localhost:1234) with the server fine. So the problem is, from either
inside or outside the local network, attempting an SSH tunnel with the
domain name fails.
What am I missing? <snip>
Mike
I was under the impression that there is no need to open port 1234 in this case, that being one of the reasons behind using the SSH tunnel; the other being that the data is encrypted when transported of the interwebs. Does the ssh tunneling not work as I interpret it?
My interpretation, given by various web literature and 'man ssh' tells me that data sent by a client connected on a socket of the 1234 port of the local computer is sent encrypted across the SSH socket (port 22) and is received by the host computer on the SSH socket (like any other data/commands in an SSH session) and the SSH daemon on the host computer is connected ('locally; with respect to the host) to a socket on the1234 port of the host computer, and since my openSUSE firewall on the host is not set to filter the "local" zone, I do not need to open the 1234 port. At any rate, opening this port does not help.
Thanks,
--Jason
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |