This is a discussion on "Don't know if SSH was ever designed to do this, but..." within the Linux Security forums, part of the System Security and Security Related category.
G'day,

I'm wondering if it's possible to tunnel a TCP connection using shell redirection over an ssh connection? The sshd I wish to tunnel through happens to have AllowTcpForwarding set to no, and I'd like to be able to tunnel through it to get to my home network, mainly to use RDP on port 3389 (winxp remote desktop).

I've so far been looking at a solution combining twinpipe with nc... so the command line looks like:

    twinpipe 'ssh <home> nc -p 3389' 'nc -l -p 3389'

Which in theory joins the netcats started on the 2 machines involved using a pipe and a fifo buffer (which is set up by twinpipe and exists on the local machine). ssh still asks for and accepts the password from the shell, despite both its input and output being redirected. Clever little devil. I then connect to the box running the twinpipe process within a few seconds of everything being established.

Haven't made this work as of yet... is there a better way to achieve what I'm trying to achieve - or is this the way and there's something I'm missing?

Thanks heaps.

Chris

twinpipe creates a 2-way pipe between the commands passed as its first and second parameters. Simple yet effective.

twinpipe: http://bisqwit.iki.fi/source/twinpipe.html
Chris Adams wrote:
> G'day,
>
> I'm wondering if it's possible to tunnel a TCP connection using shell
> redirection over an ssh connection? The sshd I wish to tunnel through
> happens to have AllowTcpForwarding set to no, and I'd like to be able to
> tunnel through it to get to my home network, mainly to use RDP on port 3389
> (winxp remote desktop).
>

Why don't you do it the "other" way?

    <a> <-> <b> <-> <xp>

If I understand well, you are located at <a> and you want to connect to <xp> thanks to sshd at <b>?

Assuming you have control of <a> and <xp> can access <a>:

=> install sshd on <a> (and allow port forwarding)
=> make the <xp> box connect (via ssh) to <a> and make it forward its local port 3389 to whatever you want on <a>

Use a private key to avoid keyboard authentication (so that you can automate the connection).

Looks much easier!
Chris Adams wrote:
> G'day,
>
> I'm wondering if it's possible to tunnel a TCP connection using shell
> redirection over an ssh connection? The sshd I wish to tunnel through
> happens to have AllowTcpForwarding set to no, and I'd like to be able to
> tunnel through it to get to my home network, mainly to use RDP on port 3389
> (winxp remote desktop).
>
> [snip]

ssh was designed to do it, but by using TCP forwarding. Since the sshd server is on your home network, why not just turn it on? The man page on sshd states "Note that disabling TCP forwarding does not improve security unless users are also denied shell access, as they can always install their own forwarders," as you're trying to do. ssh's built-in forwarder is much more elegant.
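
The man page caveat quoted in the post above, turned into a configuration check (an added example, not part of the original thread): it parses an sshd_config and flags every scope where AllowTcpForwarding is restricted but no ForceCommand confines the session. The sample config is constructed, and treating ForceCommand as the stand-in for "shell access denied" is an assumption of this example; a login shell such as nologin is set outside sshd_config and is not checked.

```python
import re

# Constructed sample sshd_config (not taken from the thread).
SAMPLE_CONFIG = """\
Port 22
AllowTcpForwarding no
AllowTcpForwarding yes
PasswordAuthentication yes

Match User kiosk
    ForceCommand /usr/local/bin/menu --mode=restricted
    PermitTTY no
"""

# Keyword, then whitespace or a single '=', then the arguments.
LINE = re.compile(r"(\S+?)(?:\s*=\s*|\s+)(.*)")

def parse_sshd_config(text):
    """Return {scope: {keyword: value}}; scope is 'global' or 'match <criteria>'."""
    scopes = {"global": {}}
    current = scopes["global"]
    for raw in text.splitlines():
        line = raw.strip()
        m = LINE.fullmatch(line)
        if not m or line.startswith("#"):
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            current = scopes.setdefault("match " + value.lower(), {})
        else:
            current.setdefault(key, value)  # sshd keeps the first value it sees
    return scopes

def audit_forwarding(text):
    """Flag scopes where forwarding is restricted but no ForceCommand is set."""
    scopes = parse_sshd_config(text)
    findings = []
    for scope, local in scopes.items():
        eff = {**scopes["global"], **local}  # Match settings override global ones
        fwd = eff.get("allowtcpforwarding", "yes").lower()
        forced = eff.get("forcecommand", "none").lower() != "none"
        if fwd not in ("yes", "all") and not forced:
            findings.append((scope, fwd))
    return findings

if __name__ == "__main__":
    for scope, fwd in audit_forwarding(SAMPLE_CONFIG):
        print(f"{scope}: AllowTcpForwarding {fwd} without ForceCommand; "
              "a shell user can still run their own forwarder")
```
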
There's a bit more stuff that I should mention that's important - this is a reply to both Olivier and Allen:

1. There're actually going to be 2 ssh connections involved, since first I have to get out of the network at uni and ssh is the only thing they're allowing out, besides web traffic. I'm mainly interested to see if there's a way to get out through ssh.
2. The sshd that I can't control the config of is the one at uni - I had enabled port forwarding on my home sshd anyway.
3. The XP machine on my home network is behind a NAT box which has ssh available.

This is just me being curious really.

So it looks like this:

<a> = the machine at uni running winxp which has the RDP client
<b> = the machine at uni running linux which has port 3389 open
<c> = the machine at uni which has access to the internet but only lets out SSH and doesn't allow tcp forwarding
<d> = my home box, which runs sshd with port 22 open and has forwarding enabled
<e> = home xp machine which is running the RDP server and has port 3389 open

On <b> I would run:

    twinpipe 'ssh <c> -t ssh <d> nc <e> -p 3389' 'nc -l -p 3389'

Not sure about the need for the -t there. Thanks Olivier for the heads-up about the private key - I'll set that up too.

After running the above command, I then go to <a> and open the RDP client and ask it to connect to <b> on port 3389. With any luck, <b> will forward over ssh to the nc process running on <d> and then connect through to <e>. Bit confusing really.

I've tested each individual stage and each one works fine on its own - but when I put it all together it falls apart somewhere.

Thanks,
Chris.

"Allen Kistler" <ackistler@oohay.moc> wrote in message news:3_eSc.700$xG5.209@newssvr15.news.prodigy.com...
> Chris Adams wrote:
> > G'day,
> >
> > I'm wondering if it's possible to tunnel a TCP connection using shell
> > redirection over an ssh connection? The sshd I wish to tunnel through
> > happens to have AllowTcpForwarding set to no, and I'd like to be able to
> > tunnel through it to get to my home network, mainly to use RDP on port 3389
> > (winxp remote desktop).
> >
> > [snip]
>
> ssh was designed to do it, but by using TCP forwarding. Since the sshd
> server is on your home network, why not just turn it on? The man page
> on sshd states "Note that disabling TCP forwarding does not improve
> security unless users are also denied shell access, as they can always
> install their own forwarders," as you're trying to do. ssh's built-in
> forwarder is much more elegant.
Chris Adams <rocket@extremelan.net> wrote:
> 1. There're actually going to be 2 ssh connections involved, since first I
> have to get out of the network at uni and ssh is the only thing they're
> allowing out, besides web traffic. I'm mainly interested to see if there's a
> way to get out through ssh.

Put an OpenVPN server on your XP box (via your nat router), configured to listen on tcp port 443. Install OpenVPN client on your local system and use its --http-proxy option to tunnel its traffic via your university's web proxy.

I've recommended port 443 because (a) you're fairly unlikely to be running your own SSL (https) web server, (b) it's the standard https port so web proxies should pass traffic to it.

Chris
On 2004-08-10, Chris Adams <rocket@extremelan.net> wrote:
> G'day,
>
> I'm wondering if it's possible to tunnel a TCP connection using shell
> redirection over an ssh connection? The sshd I wish to tunnel through
> happens to have AllowTcpForwarding set to no, and I'd like to be able to
> tunnel through it to get to my home network, mainly to use RDP on port 3389
> (winxp remote desktop).
>
> I've so far been looking at a solution combining twinpipe with nc... so the
> command line looks like:
>
> twinpipe 'ssh <home> nc -p 3389' 'nc -l -p 3389'
>

I am pretty sure http://slirp.sourceforge.net/ is going to be a better solution.

Cheers

Alex
Thanks heaps.

"Alexander Clouter" <alex@digriz.junk-this.org.uk> wrote in message news:411d068e$1_2@127.0.0.1...
> On 2004-08-10, Chris Adams <rocket@extremelan.net> wrote:
> > G'day,
> >
> > I'm wondering if it's possible to tunnel a TCP connection using shell
> > redirection over an ssh connection? The sshd I wish to tunnel through
> > happens to have AllowTcpForwarding set to no, and I'd like to be able to
> > tunnel through it to get to my home network, mainly to use RDP on port 3389
> > (winxp remote desktop).
> >
> > I've so far been looking at a solution combining twinpipe with nc... so the
> > command line looks like:
> >
> > twinpipe 'ssh <home> nc -p 3389' 'nc -l -p 3389'
> >
> I am pretty sure http://slirp.sourceforge.net/ is going to be a better
> solution.
>
> Cheers
>
> Alex