Can I port forward to an established reverse ssh tunnel

Posted by Ben Holness on Server Fault See other posts from Server Fault or by Ben Holness
Published on 2010-04-26T23:49:06Z Indexed on 2010/04/26 23:53 UTC
Read the original article Hit count: 359

Filed under:

reverse

|

ssh

|

port-forwarding

I have three computers, A, B and C

A has initiated a reverse ssh tunnel to B:

ssh -nTNx -p 443 -R 22222:localhost:22 [user]@[server]

If I log in to B, I can use 'ssh -p 22222 localhost' and I get a login prompt for A. If I try 'ssh -p 22222 [public IP of B]', it doesn't work

What I would like to be able to do is have C connect to A without needing to login to B. So from C I could 'ssh -p 22222 [public IP of B]' and I would get the login prompt for A.

I am using debian and shorewall and I have a basic understanding of how things work. I have tried various combinations of REDIRECT and DNAT rules, but haven't had any luck. I have tried using the same port (22222) and a different port (forwarding 22223 from C to 22222 on localhost).

Any ideas?

Cheers,

Ben

© Server Fault or respective owner

Related posts about reverse

IPtables AWS EC2 NAT/Reverse NAT - For Reverse Proxy style setup but with IPtables

as seen on Server Fault - Search for 'Server Fault'
I was thinking initially needing to do a reverse proxy or something so I could get some SSL/TLS traffic look like it is being terminated at a server and IP address in the AWS cloud, and then that traffic is forwarded onto our actual web servers that aren't in the cloud... I've not done much iptables… >>> More
Reverse DNS does not match SMTP banner vs Reverse DNS mismatch

as seen on Server Fault - Search for 'Server Fault'
I have to make decision whether my Reverse DNS should match SMTP banner but Reverse DNS to DNS and vice versa stays different or vice versa. Which one to choose? I have an 2x Exchange 2010 server with one SMTP Sender with TMG 2010. TMG has 2 links connected so that we have 2 separate internet providers… >>> More
Django Class Views and Reverse Urls

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a good many class based views that use reverse(name, args) to find urls and pass this to templates. However, the problem is class based views must be instantiated before urlpatterns can be defined. This means the class is instantiated while urlpatterns is empty leading to reverse throwing errors… >>> More
Decompilers - Myth or Fact ?

as seen on Programmers - Search for 'Programmers'
Lately I have been thinking of application security and binaries and decompilers. (FYI- Decompilers is just an anti-complier, the purpose is to get the source back from the binary) Is there such thing as "Perfect Decompiler"? or are binaries safe from reverse engineering? (For clarity sake, by "Perfect"… >>> More
Salaries in reverse engineering fields [closed]

as seen on Programmers - Search for 'Programmers'
I bumped into an old friend at a conference and he told me he was now a consultant doing reverse engineering. I don't have much knowledge of this particular area, but this person (that I can't manage to get in touch with now) just casually mentioned that he was earning big bucks. I was hoping someone… >>> More

Related posts about ssh

Problem with hadoop start-dfs.sh

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I installed and configured hadoop on my Ubuntu 14.04 server, virtualized inside of hyper-v, however I am getting an issue when i run start-dfs.sh root@sUbuntu01:/var/log# start-dfs.sh 14/06/04 15:27:08 WARN util.NativeCodeLoader: Unable to load native-hadoop library for your platform... using builtin-java… >>> More
SSH problems (ssh_exchange_identification: read: Connection reset by peer)

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I was running 11.10 and decided to do the full upgrade and come up to 12.04 after the update SSH (not SSHD) is now misbehaving when attempting to connect to other OpenSSH instances. I say OpenSSH as I am running a DropBear sshd on my router and I am able to connect to it. When attempting to connect… >>> More
SSH main process ended

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a running ubuntu server 10.04.1. When I tried to login to the server via ssh, I could not. Instead, I got connection refused error. I tried to ping the machine and I got reply! So, the clear reason is that SSH daemon is stopped. After reboot, I was able to login to my server via ssh. After… >>> More
SSH server not working (respawns until stopped)

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a running Ubuntu Server 10.04.1. When I tried to login to the server via ssh, I could not. Instead, I got connection refused error. I tried to ping the machine and I got reply! So, the clear reason is that SSH daemon is stopped. After reboot, I was able to login to my server via ssh. After… >>> More
Cannot SSH after resetting firewall on VPS

as seen on Server Fault - Search for 'Server Fault'
I'm having trouble trying to SSH to my Debian 5 VPS with blacknight. It was working fine until I did the following: Logged into 'Parallels Infrastructure Manager' - Container - Firewall - Set to 'Normal Firewall settings'. It told me there was an error with the IPTables and offered the option again… >>> More