Gentoo Forums
ssh tunneling: ssh_exchange_identification
DenOuwenBelg
n00b


Joined: 27 Jun 2003
Posts: 2

Posted: Sat Feb 14, 2004 11:53 am    Post subject: ssh tunneling: ssh_exchange_identification

Hi all,

I have a problem setting up an ssh tunnel. Can you tell me what I'm doing wrong?

The situation is like this: There are 3 computers, let's call them home, remoteFirewall and remoteTarget.

I want to set up tunnels so that when I execute: "ssh localhost" on home,
I actually connect to remoteTarget.

I can ssh to remoteFirewall from home, and once I'm on remoteFirewall, I can do ssh remoteTarget. That works.

So I tried this to create a tunnel:
on home -> ssh -L22:remoteFirewall:9999 remoteFirewall
on remoteFirewall -> ssh -L9999:remoteTarget:22 remoteTarget

So far so good.

but when I try this on home:
ssh localhost
I get the following error message:

ssh_exchange_identification: Connection closed by remote host

The next thing I tried was this:
ssh -L22:remoteFirewall:22 remoteFirewall
and then
ssh localhost

As far as I understand ssh, doing this "ssh localhost" and "ssh remoteFirewall" should be equivalent, right?

Does anyone have an idea of what I'm doing wrong?

Thanks in advance!

YD
nielchiano
Veteran


Joined: 11 Nov 2003
Posts: 1287
Location: 50N 3E

Posted: Sat Feb 14, 2004 12:02 pm    Post subject:

I'm not sure if it's supposed to work that way, but you are tunneling too much.

Just try this:

ssh into remoteFirewall and request a tunnel: -L22:remoteTarget:22
then connect ssh localhost

This will make an ssh connection from home to firewall, and one from home to remoteTarget (in 2 hops, home --> remoteFirewall is double SSH'd, remoteFirewall is only once SSH'd)
DenOuwenBelg
n00b


Joined: 27 Jun 2003
Posts: 2

Posted: Sat Feb 14, 2004 12:26 pm    Post subject:

Hi Nielchiano,

I'm only root on home, so I can't forward privileged ports on the other machines.

But as I added in my previous post, I've tried to forward port 22 on home to port 22 on remoteFirewall, and that didn't work either.
It gave me the same error message.

Any other ideas?
nielchiano
Veteran


Joined: 11 Nov 2003
Posts: 1287
Location: 50N 3E

Posted: Sat Feb 14, 2004 12:39 pm    Post subject:

I know the situation... but it works with me... maybe not on the priv-ports...

The thing that works with me is:
connect from A to B, ask port forward -L22222:C:22222
then connect from A to A:22222 and get response from C

IMHO you should be allowed to forward TO privileged ports, so -L22:remoteTarget:22 should (IMHO) work, since you request a privileged port LOCALLY (where you are root) and connect to somewhere remote.

you can also try -L22222:remoteTarget:22
and then do ssh -p 22222 localhost
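
A way to check whether a forwarded port such as the one in the last suggestion (-L22222:remoteTarget:22) actually reaches an SSH server, as an added example that is not part of the thread; the function name probe_ssh_banner and its status labels are made up here. It reads the identification line an SSH server sends first and reports "closed" when the connection ends before any line arrives, which is the condition the ssh client prints as ssh_exchange_identification: Connection closed by remote host.

```python
import socket

def probe_ssh_banner(host, port, timeout=5.0):
    """Return (status, detail) for a TCP endpoint that should speak SSH.

    status is one of:
      "refused" - nothing is listening (tunnel not set up, or wrong port)
      "closed"  - TCP connected, but the peer closed before sending an
                  identification string (the ssh_exchange_identification case)
      "timeout" - connected, but no complete line arrived in time
      "not-ssh" - the first line does not start with "SSH-"
      "ok"      - detail holds the server's identification string
      "error"   - any other socket error; detail holds the message
    Only the first line is inspected; a server that sends other lines
    before its identification string is reported as "not-ssh".
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", "")
    except socket.timeout:
        return ("timeout", "")
    except OSError as exc:
        return ("error", str(exc))
    with sock:
        data = b""
        try:
            # An identification line is at most 255 bytes including CR LF.
            while b"\n" not in data and len(data) < 255:
                chunk = sock.recv(255 - len(data))
                if not chunk:
                    break
                data += chunk
        except socket.timeout:
            return ("timeout", data.decode("ascii", "replace"))
        except ConnectionResetError:
            return ("closed", "")
    if not data:
        return ("closed", "")
    line = data.split(b"\n", 1)[0].rstrip(b"\r").decode("ascii", "replace")
    return ("ok", line) if line.startswith("SSH-") else ("not-ssh", line)

if __name__ == "__main__":
    # 22222 is the unprivileged local port suggested in the thread.
    print(probe_ssh_banner("127.0.0.1", 22222))
```

A "closed" or "refused" result on the local end of the tunnel points at the forwarding hop (nothing reachable at the forward's destination) rather than at the final SSH server's authentication.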