2000-02-22-11:28:49 Tyron Legette:
> I'm new to ssh, can anyone tell me how you would setup ssh to
> allow connections to a Unix host behind a firewall (Gauntlet 5.0
> on Solaris). I've looked at www.ssh.com <http://www.ssh.com> and
> www.f-secure.com <http://www.f-secure.com> and haven't found
> anything on connecting through proxies or firewalls.
I don't know of an ssh-specific proxy, but I've done ssh through
Gauntlet's plug-gw. Assign a port on the firewall for the specific
host's ssh proxy. Set up plug-gw to forward that port to 22 on the
target host.
Now for the security of this solution, I'd say ssh is about the only
protocol I'd consider forwarding this way, and even then great care
is required. With this setup, you're extending your trust perimeter
to include any machine that's able to use this ssh tunnel, so make
sure all clients that can connect through this tunnel are themselves
very well secured.
-Bennett
PGP signature
