ssh tunnel - allow remote connections on remote side?
December 11, 2006 8:42 PM Subscribe
How can I allow remote connections to the remote side of my ssh tunnel? -g doesn't work. Neither does GatewayPorts.
posted by dmd to computers & internet (6 answers total)
The situation: INSIDE---FIREWALL---OUTSIDE. The possible connection is ssh from INSIDE to OUTSIDE. I want to run a service on port 8080 of INSIDE. I want everybody in the world to be able to access it by connecting to OUTSIDE:8080.
ssh -R8080:localhost:8080 OUTSIDE does not work - that binds the 127.0.0.1 interface of OUTSIDE, not its public interface ... that is, only OUTSIDE itself can connect to its own port 8080.
Putting 'GatewayPorts yes' in OUTSIDE's /etc/ssh_config doesn't help.
I successfully solved the problem by embedding one tunnel in another - tunneling an ssh port from INSIDE to OUTSIDE, like this:
INSIDE$ ssh -R12345:INSIDE:22 OUTSIDE
OUTSIDE$ ssh -p 12345 -L8080:INSIDE:8080 localhost
but that seems unnecessarily contrived, and is highly inefficient.
Can anyone help?
Extra possibly vital information: INSIDE is Mac OS X, OUTSIDE is Windows XP running an up-to-date Cygwin.