In message <[EMAIL PROTECTED]>, [EMAIL PROTECTED] writes:
>ernestc> I read and searched the ssh FAQ on configuring SSH to tunnel in http
>ernestc> but couldn't find an answer. I have a several remote employees that
>ernestc> want to access our internal Website, but would like to use SSH and
>ernestc> perhaps TCP wrapper. Is this possible?
>
>on the server side, i think the default configuration for the sshd
>should allow it. you might want to get things working w/o tcp wrappers
>first.
>
>on the client side, the details for configuring port-forwarding (what
>you are calling tunneling) depend heavily on exactly which client you
>are using. i was not able to tell which ssh client you are using
>(there are lots!) -- only that the client machines probably use
>windows.
>
>once you identify which the ssh client, i think there's a good chance
>someone on this list can help.
More precisely, configure the clients to forward some arbitrary port to the
Web proxy port on the inside. (If you're not running a Web proxy, you'll also
have to bring up something like Squid, but that's not that hard.) Then the
clients have to be configured to use 127.0.0.1:arbitraryport as their proxy
address. I've done that successfully from UNIX and Windows systems, both with
ssh.
--Steve Bellovin
