Friday, October 03, 2008
port forwarding using ssh
note to self
ssh can be used in the below way to forward traffic over a secure channel, to make otherwise un-secure ( plain ) traffic to be encrypted.
ssh access to the destination sever is required for this to work.
For an example, to secure POP3 communications with a mail server at a.b.c.d one can do something like below on their local machine.
ssh -N -f -L 127.0.0.1:1100:a.b.c.d:110 user@a.b.c.d
-f is to put the connection to the background
-N to wait infinitely for incoming connections
-L binds the tunnel to the specified port ( 1100 in this case )
this will create a ssh tunnel bound to the local port 1100 with port 110 of a.b.c.d
@a.b.c.d performs the authentication via ssh with the a.b.c.d
once this is done, the POP client can be re-configured to talk to local port 1100. ssh will happily encrypt and decrypt what you put in the tunnel from the end-points. This mechanism can be used to secure systems that are not built with such capabilities.
when you want to stop the tunnel, you can simply use "kill"
--
FAQ at www.openssh.com was quite helpful in figuring this out. thanks bud for pointing out such things can be easily done with ssh. :)
Subscribe to:
Post Comments (Atom)
changing opnsense mtu
note to self When an OpnSense is deployed on Proxmox environment where MTU is <1500, it doesn't seem to auto-detect and leaves the O...
-
note to self RHN doesn't seem to play well with download managers. "wget" used to be good but noticed a small problem lately...
-
Below is procedure i used in integrating squid with OpenLDAP, and the Active Directory with the information gathered from numerous google se...
No comments:
Post a Comment