John Andersen wrote:
On Tuesday 10 May 2005 02:39 am, Dave Howorth wrote:
I have [SuSE] machines at home and at work. I'd like to be able to connect to my machine at work from home and use X-based applications, copy files etc. But from home I have to login to a gateway machine at work and from there I can connect to my own machine. This is done by our administrators for security reasons. The login to the gateway is via ssh.
Why can't you just ssh directly home? Is this so called administrator under the impression that an outbound ssh connection is a threat but a web browser connection is not?
I'm not sure I follow your idea here. I want to contact my work machine from home. Are you suggesting I login to the gateway, then to my work machine and then use ssh to log back in to my home machine? I'm not familiar enough with ssh to understand how that lets me start X clients on my work machine that use my home machine for the display. What are the appropriate ssh command line options - I get confused about them.
And if outbound ssh is a threat (which of course means they don't trust their own employees) why on earth would he allow you to log into a gateway and do it that way?
I don't think any sysadmin/company in his/her/its right mind trusts its employees absolutely :) Most of the blocks at our site are to protect the network from attacks and legal liability and to protect the users from themselves. Some of the students and perhaps others don't understand the consequences of some of the things you can do on the net.
And assuming that you can browse the web from work, why not just make your home ssh server at home run on some convenient port such as 443 which the mighty administrator can't reasonably block as it is used for ssl web browser sessions?
Cheers, Dave -- Dave Howorth MRC Centre for Protein Engineering Hills Road, Cambridge, CB2 2QH 01223 252960