Lew Wolfgang wrote:
On 02/17/2013 05:26 PM, James Knott wrote:
I'm trying to use ssh to connect to a computer behind my firewall. Since I also ssh to my firewall, I tried to use port 21. I configured masquerading in SUSE firewall to pass port 21 to port 22 on the target system. When I try to connect, it seems to get stuck part way through the ssh key exchange init. Is there something in ssh that prevents using masquerading?
Hi James,
Ssh should be able to do this. I've done it before.
You don't have an ftp server listening on that port on your firewall, do you?
If you telnet to port 21 on your firewall from the outside do you see the ssh banner presented from the inside system? If not, maybe the firewall port forwarding syntax isn't just right?
I can see the ssh banner "SSH-2.0-OpenSSH_6.0".
Do the firewall logs show anything interesting?
There is nothing in the firewall log since Feb 7. Also, I have been watching what happens with this using Wireshark on the target computer. The last 3 lines are: SSHv2 Server: Key Exchange Init TCP 53410 > ssh [ACK Seq=22 Ack=558 Win=31584 Len=0 TCP 53410 > ssh [ACK Seq=22 Ack=1006 Win=31584 Len=0 At this point, activity stops. This sort of thing makes me glad I'm running IPv6 on my network, as when I'm away and have IPv6 access, I can go directly to that computer without having to worry about getting past NAT. Unfortunately, it's not always possible to use IPv6. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org