20 April 2012

121. Connection to remote server via an intermediary server

We have three computers: A, B and C

A is our desktop. C is a remote computer we want to connect to. B is a server in the middle.

For various reasons we want to first connect from A to B, then from B to C. A scenario is where C is behind a firewall bridged by B.

A specific scenario is this:
I have a linksys router, e.g. Terbium.internet.com, which manages the network in a lab. There are several computers on the network in the lab behind Terbium: Sulfur, Phosphorous, Oxygen (192.168.1.106) etc.
My home computer is Niobium.

Terbium is a linksys router (W54G) running tomato and you have to log in as root using a keyfile.
Oxygen is a debian box where I have a personal account as user verahill.

The ugly method:
In the same terminal on computer Niobium do
ssh root@terbium.internet.com
ssh verahill@192.168.1.106

This works fine for working remotely on oxygen (192.168.1.106). However, file transfer is a pain

The pretty method:
In one terminal on Niobium, do

ssh root@terbium.internet.com -L 9999:192.168.1.106:22

In another terminal on Niobium, do
ssh verahill@localhost -p 9999

Basically, all traffic to port 9999 on niobium is forwarded to port 22 on Oxygen -- not terbium.

The cool thing? File transfer is a breeze (via sftp using e.g. filezilla)!

It really is that simple

Web tunnel
to browse the internet via a tunnel it's still easier to do
ssh -C -D 9889 root@terbium.internet.com
and set your browser to use a SOCKS proxy -- point it to localhost, port 9889.

No comments:

Post a Comment