Also, if you want to shovel SSH out over an HTTPS proxy, ProxyTunnel is the thing:
http://proxytunnel.sourceforge.net/paper.php On Mon, Nov 16, 2009 at 5:02 PM, Ralph Durkee <[email protected]> wrote: > OpenVPN. Extremely flexible SSL VPN, so it works over NAT and Web Proxies. > > --Ralph Durkee > >> Thanks. But what if the client is a Windows box? >> >> Thanks, >> Adrian >> >> On Mon, Nov 16, 2009 at 3:56 PM, Bradley McMahon >> <[email protected]>wrote: >> >>> to setup a reverse ssh connection >>> ssh -R Port#1:localhost:Port#2 "host address" >>> >>> -R is the option to setup the reverse proxy >>> Port 1: this is the port that you need to ssh to from the host in order >>> to >>> connect back to the machine you initiated the reverse ssh connection >>> Port 2: is the port your connecting to the host to open the tunnel >>> (default >>> 22 for ssh) >>> host address is the host your connecting to. >>> >>> so on the machine you want to connect to you from behind a firewall. >>> ssh -R 1020:localhost:22 [email protected] >>> >>> and on your box your connected to to get back into that machine >>> ssh -p 1020 r...@localhost >>> >>> extra credit: >>> ssh -C -D 1080 -p 1020 r...@loclahost >>> >>> this will setup a socks proxy so you can actually use any program that >>> supports socks proxy as if you were on that actual machine, nice for >>> making >>> changes to routers remotely. >>> >>> happy hunting. >>> >>> -Brad >>> >>> >>> >>> On Mon, Nov 16, 2009 at 3:32 PM, Adrian Crenshaw >>> <[email protected]>wrote: >>> >>>> Hi All, >>>> I'm playing around with making reverse connections out of a NATed >>>> of >>>> network. I can do it with ncat no problems. I've tried to get reverse >>>> SSH to >>>> work from a Linux box (using OpenSSH) behind NAT to a Windows box >>>> (using >>>> putty), but so far no luck. I think it has something to do with no >>>> gatewayports being present. Anyone ever set thi up before? >>>> >>>> I'd also be interested in a way to do a reverse VPN. Basically, I'd >>>> have a >>>> drop box behind the firewall that would make a VPN connection out to >>>> me, >>>> then I could use any tools I like from my client box. Any ideas on >>>> that? >>>> >>>> Thanks, >>>> Adrian >>>> >>>> _______________________________________________ >>>> Pauldotcom mailing list >>>> [email protected] >>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>> Main Web Site: http://pauldotcom.com >>>> >>> > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
