Remote port forwarding (binding to *)
Wim Vinckier
wimpunk at gmail.com
Wed Sep 13 14:33:05 WST 2006
On 9/13/06, Matt Johnston <matt at ucc.asn.au> wrote:
> On Tue, Sep 12, 2006 at 10:02:38PM +0200, Alex Still wrote:
> > I'm trying to do this :
> >
> > baculaserver-----router1-----<public net>-----router2-----laptop
> >
> > Baculaserver and laptop are NAT'ed on their respective network. What im
> > trying to do is SSH from laptop to router1 (running dropbear) and remote
> > forward a port from there back to the laptop running the bacula client.
> > That's why I need the remote forwarding to work on all interfaces on
> > router1.
> >
> > >From laptop : ssh -R 3000:localhost:2000 alex at router1
> > On router I see :
> > netstat :
> > tcp 0 0 localhost:3000 *:* LISTEN
> >
> > I hope this is more clear and that i haven't missed anything obvious !
>
> Thanks, that's clear :)
>
> I've just noticed that OpenSSH ~4.0 added an extra feature to
> -R, and it now binds to localhost by default (rather than
> 0.0.0.0 and letting the remote side restrict it further).
>
> -R [bind_address:]port:host:hostport
>
> So I think you'll want to use "ssh -R :3000:localhost:2000 alex at router1"
> (an empty bind_address or '*' means any interface). You'll
> still need -a for Dropbear (equivalent to GatewayPorts
> mentioned in the ssh manpage).
>
>
> Matt
>
don't you need this from your laptop
ssh -L 2000:localhost:3000 alex at router1
so you can connect from your laptop to localhost:2000?
wim.
More information about the Dropbear
mailing list