reverse ssh

[Erez D]

looks a little complicated - extra ssh server, firewall with port knocking
all this for a ssh connection ...

On Sun, Jul 20, 2014 at 11:38 AM, Rabin Yasharzadehe <rabin at rabin.io> wrote:
> you can add a port-knocking tool like fwknop to add a dynamic rule to
> forward your connection into the privet machine.
>
> --
> Rabin
>
>
> On Sun, Jul 20, 2014 at 12:16 PM, Erez D <erez0001 at gmail.com> wrote:
>>
>> On Sun, Jul 20, 2014 at 11:06 AM, Lior Kaplan <kaplanlior at gmail.com>
>> wrote:
>> > Didn't check it, but login in with a user who has /bin/true might do the
>> > trick.
>> you are correct, it works.
>> however it is still a security risk, as this means the client may
>> listen on unused port ...
>>
>> >
>> > Kaplan
>> >
>> >
>> > On Sun, Jul 20, 2014 at 12:03 PM, Erez D <erez0001 at gmail.com> wrote:
>> >>
>> >> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan <kaplanlior at gmail.com>
>> >> wrote:
>> >> > ssh itself ?
>> >> >
>> >> > http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
>> >> nice, however this requires me to give access to my server, which i do
>> >> not want ...
>> >> (or, can i give people permission to ssh to my server only for reverse
>> >> tunnels and no shell ?)
>> >>
>> >> >
>> >> > Kaplan
>> >> >
>> >> >
>> >> > On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0001 at gmail.com> wrote:
>> >> >>
>> >> >> hello
>> >> >>
>> >> >> i have a linux machine with a private ip connected to the internet
>> >> >> i have a public ip and need to ssh to the linux box
>> >> >>
>> >> >> any tools for that ?
>> >> >>
>> >> >> _______________________________________________
>> >> >> Linux-il mailing list
>> >> >> Linux-il at cs.huji.ac.il
>> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >> >
>> >> >
>> >
>> >
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>