* alex medvedev wrote on Sat, Oct 14, 2000 at 14:59 -0500:
machine_inside ---- FW ----- internet ---- machine_outside
can a user sitting on the secured by the firewall (FW) machine_inside ssh out to the machine_outside, then display an xterm from the machine_inside on the screen of the machine_outside? so that a user of the machine_outside can type commands on the machine_inside.
Is the firewall doing NAT/PAT/Masquerading? If not, it should make no difference if you connect from internal to external or vice versa if the firewall is configured well.
this is important since i was told that this is possible.
Impossible is wrong, at least you could set up a VPN tunnel with ssh and pppd, in that case you could sent anythink you like as long as the firewall allows ssh connections from one machine to the other.
if this is possible then ssh can be a door for people who do not have a dialup to get in from the outside but have ssh access...
If you can connect to inside from outside via ssh, ssh should have no problem with X-forwarding at all! If you can connect from inside to outside only, you'll have to do more than just connect :) But this is a different question... oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.