| View previous topic :: View next topic |
| Author |
Message |
flipper203
n00b
Joined: 07 Aug 2005
Posts: 32
Location: Paris
|
 Posted: Wed Apr 26, 2006 8:35 pm Post subject: SSH Tunnel to connect from work to home |
 |
|
Hello,
when I am at work, I can't connect to my home ssh server. I would like to know how I can manage this. Let me give you the situation:
At work I connect to internet via a firewall with login and password. What I would like is being able to connect to my home ssh server through the port 80 of the firewall at work, because this port only is allowed to go to the 'internet' world. At work, I use windows, with putty to connect to ssh.
Thanks |
|
| Back to top |
|
 |
msalerno
Veteran
Joined: 17 Dec 2002
Posts: 1338
Location: Sweating in South Florida
|
| Posted: Wed Apr 26, 2006 9:44 pm Post subject: |
|
|
Try setting your ssh server to listen on port 443. It might work, it might not. It reallly depends on the network at your office.
If you are asking how to change the ssh port, check out /etc/ssh/sshd_config |
|
| Back to top |
|
|
tutaepaki
Apprentice
Joined: 11 Nov 2003
Posts: 279
Location: New Zealand
|
| Posted: Wed Apr 26, 2006 11:17 pm Post subject: |
|
|
Putty has an option in the config to support a proxy which uses basic authentication. Try that first. whether that works depends on what 'connect method' ports your proxy/firewall will allow outbound from the proxy.
If it doesn't work just by configuring the proxy options in putty, you'll probably have to change your ssh server port as msalerno suggests. |
|
| Back to top |
|
|
flipper203
n00b
Joined: 07 Aug 2005
Posts: 32
Location: Paris
|
| Posted: Thu Apr 27, 2006 8:17 am Post subject: |
|
|
| The thing is I already run the ssh server on the port 1936, so not the 22, but it doesn't work |
|
| Back to top |
|
|
kill[h]er
n00b
Joined: 02 Sep 2003
Posts: 30
|
| Posted: Thu Apr 27, 2006 12:20 pm Post subject: |
|
|
but is your work's firewall allowing traffic out on port 1936? you don't specify. you also don't specify if you are using a firewall at home and if it's configured properly.
Here's how I did what you are trying to do when my work was blocking port 22 outbound. They were not blocking other common ports (21, 23, 53, 80, 443), so I chose port 21. On the target at home (i'll call it Server), I left sshd running on port 22. On my firewall at home (HomeFW) I set it up to forward incoming port 21 to port 22 on Server. From work, I'd use putty to ssh to HomeFW on port 21.
So it looked like this:
Work --> Putty out on Port 21 --> WorkFW lets me out --> HomeFW takes in 21 --> and passes it to port 22 on Server!
Easy. |
|
| Back to top |
|
|
BitJam
Advocate
Joined: 12 Aug 2003
Posts: 2513
Location: Silver City, NM
|
| Posted: Thu Apr 27, 2006 12:47 pm Post subject: |
|
|
If the firewall at your work only allows outgoing connections through port 80 it is almost certainly because they don't want you creating encrypted tunnels such as with ssh. Companies often do this so that their employees can still access the web but all traffic is unencrypted and logged (especially outbound traffic) so they can monitor all information leaving the company.
If you disagree with the company's policy, you should discuss it with them. Perhaps they will make an exception in your case. But just circumventing their security system sounds unethical and possibly illegal. |
|
| Back to top |
|
|
kill[h]er
n00b
Joined: 02 Sep 2003
Posts: 30
|
| Posted: Thu Apr 27, 2006 1:11 pm Post subject: |
|
|
| very good point, yes. doing what I described could get you fired depending on your company's policies and don't come blaming me for it. |
|
| Back to top |
|
|
flipper203
n00b
Joined: 07 Aug 2005
Posts: 32
Location: Paris
|
| Posted: Thu Apr 27, 2006 1:49 pm Post subject: |
|
|
well that s fair, I just wanted to know if it was possible, that's all
Thanks for your help |
|
| Back to top |
|
|
|
Networking & Security
