| View previous topic :: View next topic |
| Author |
Message |
Ricky
Guru
Joined: 30 May 2003
Posts: 341
|
 Posted: Wed Jun 18, 2003 2:50 am Post subject: SSH port forwarding |
 |
|
So, I'm trying to help someone secure their FileMaker pro usage with ssh and port forwarding. I've told him how to set it up, and he seems to have got it all working. (This is all via e-mail, mind you.)
Now, the question he's hit me with: Is there a way to force the remote user to use the ssh forwarding? I.e. is there a way to guarantee that the user can't just choose to connect to the server without ssh?
My current theory is that you can set up a firewall to block outside requests to the port, and the ssh server's forwarding would still work. Is this true? It seems to me that the forwarding of the port from ssh to the FileMaker server should be local to the server, and therefore be able to be allowed through the firewall w/o letting everything else in. I don't have a similiar set-up here to test it out with, so I was wondering if anyone with a more concrete knowledge of ssh could let me know whether or not I'm barking up the wrong tree. Or, better yet, if there's a better solution to this that I haven't thought of.
Thanks! 
P.S. The ssh server and the filemaker server are running on the same box. |
|
| Back to top |
|
 |
dberkholz
Retired Dev
Joined: 18 Mar 2003
Posts: 1008
Location: Minneapolis, MN, USA
|
| Posted: Wed Jun 18, 2003 4:10 am Post subject: |
|
|
| The port forwarding should be entirely internal. So you should have no problem blocking that port on your outside interface (e.g., eth0) and allowing it from your internal interface (e.g., lo), afaik. However, I'm not an iptables expert. Try it and see. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
