Presentation is loading. Please wait.

Presentation is loading. Please wait.

SSH Port Forwarding as Mini-VPN

Published byJeffery Dickerson Modified over 6 years ago

Similar presentations

Presentation on theme: "SSH Port Forwarding as Mini-VPN"— Presentation transcript:

1 SSH Port Forwarding as Mini-VPN
PANTUG PLUG West PLUG North JP Vossen bashcookbook.com

2 What, why? SSH port forwarding "tunnels" ports over a secure SSH connection That means you can trivially encrypt otherwise insecure, plain text protocols. Well, usually. Some protocols, like FTP, don't work like that. (So use scp instead.) Works great for SMTP, IMAP, HTTP, etc...

3 How? -X -L [bind_address:]port:host:hostport
-R [bind_address:]port:host:hostport ~/.ssh/config LocalForward [bind_address:]port:host:hostport RemoteForward [bind_address:]port:host:hostport See also the ssh -w (tun) switch (thanks Matt Liggett) And you get all the SSH authentication mechanisms, like SSH-Agent and certificates, for free!

4 CLI Examples ssh -X jp@foobar.example.com
ssh -L 80:foobar:80

5 ~/.ssh/config Host home HostName foobar.example.com Port 222 User root
Compression yes ServerAliveInterval = 100 # SMTP & IMAP Server LocalForward localhost: :25 LocalForward localhost: :143 # Squid LocalForward localhost: :3128 # LAN HTTP Servers LocalForward localhost: :80 LocalForward localhost: :80 # VMware Console LocalForward localhost: :902

6 /etc/hosts #127.0.0.1 localhost
# Tunnel LAN servers via SSH when remote # Needs 'ssh -c ~/.ssh/config home' running localhost mail mail.example.com smtp smtp.example.com imap imap.example.com

7 sshfs The coolest thing since sliced bread!
Install sshfs and fuse on your local, client system If the remote server has SSH (and what doesn't) you're all set! Now you can "mount" any remote directory, securely, via SSH: sshfs mountpoint [options] mkdir mydocs && sshfs mydocs

8 Questions? Thanks jp@jpsdomain.org I'm on the PANTUG & PLUG lists

Download ppt "SSH Port Forwarding as Mini-VPN"

Similar presentations

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.

Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.
© Copyright 1997, The University of New Mexico C-1 Internet Service Provider Services What to do once you’re connected.

© Copyright 1997, The University of New Mexico C-1 Internet Service Provider Services What to do once you’re connected.
Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.

Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.
Beth Johnson April 27, 1998. What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.
TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.

TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.
SSL From Your Smartphone Support for Android Smartphones www.sharetech.com.twwww.sharetech.com.tw / www.higuard.comwww.higuard.com.

SSL From Your Smartphone Support for Android Smartphones /
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
Securing Squid (Proxy) Using Digest Authentication.

Securing Squid (Proxy) Using Digest Authentication.
FTP File Transfer Protocol. Introduction transfer file to/from remote host client/server model  client: side that initiates transfer (either to/from.

FTP File Transfer Protocol. Introduction transfer file to/from remote host client/server model  client: side that initiates transfer (either to/from.
Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 23 Virtual Private Networks (VPNs)

Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 23 Virtual Private Networks (VPNs)
SSH Keys William Stearns 6-0647.

SSH Keys William Stearns
Lecturer: Maxim Podlesny Sep 29 2008 CSE 473 File Transfer and Electronic Email in Internet.

Lecturer: Maxim Podlesny Sep CSE 473 File Transfer and Electronic in Internet.
Chapter 10 Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Explain how the functions of the application layer,

Chapter 10 Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Explain how the functions of the application layer,
Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols.
The Saigon CTT Chapter 16 Remote Connectivity. The Saigon CTT  Objectives  Explain : telnet rsh ssh  Configure FTP.

The Saigon CTT Chapter 16 Remote Connectivity. The Saigon CTT  Objectives  Explain : telnet rsh ssh  Configure FTP.
Network Security SSH Tunneling David Funk Matt McLaughlin Systems Administrators Computer Systems Support COE, University of Iowa.

Network Security SSH Tunneling David Funk Matt McLaughlin Systems Administrators Computer Systems Support COE, University of Iowa.
Secure Shell for Computer Science Nick Czebiniak Sung-Ho Maeung.

Secure Shell for Computer Science Nick Czebiniak Sung-Ho Maeung.
Daemon issue 14 SSH Port Forwarding Yannis Tsopokis Wednesday, April 26 th 2006.

Daemon issue 14 SSH Port Forwarding Yannis Tsopokis Wednesday, April 26 th 2006.

Similar presentations

Ads by Google