Zhang Weiwu wrote at 2009-11-10 20:36 -0600:
> Hello. I have a remote server inside a remote office covered by NAT
> masquerade where port forwarding not possible, and a local server in my
> local office not covered by NAT masquerade. In order to access the
> remote office and hosts in that office, I do this:
> 
> On remote office server, in a screen session I run
> $ ssh -R ....  local_server
> 
> On my own office, I try to connect to mapped ports on local_server.
> 
> The problem of this solution is security. I do not want to grant shell
> access of local_server to remote_server. What would you recommend me to
> do in this case? I could try to limit access of the account used by
> remote server ssh -R, but should I?

You might want to check out apf-server and apf-client packages.  I use these to 
provide access between masqueraded systems using an intermediary system.  
Server runs on the intermediary and client on the system to be connected to.  
System connected _from_ connects to client through a port on the server.

Attachment: signature.asc
Description: Digital signature

Reply via email to