[rescue] how to use a NAT/PAT to forward SSH to an internalbox
George Adkins
rescue at sunhelp.org
Sat Jan 5 21:05:06 CST 2002
> As far as I can tell, that's the show stopper. I don't see that the ssh
> request carries the requested server hostname in it anywhere.
Right, perhaps a startup script which would send that data to the "other
program"
> the "other program" listening on
> port 22 on the firewall could pick the requested server hostname out of
> the packet and behave like a proxy and send the request to the
> appropriate inside machine.
or it could look up the private address and establish a portmap between:
1. a port in a designated range of available ports > 1024 and
2. port 22 on the destination machine
and then report that port# back to the initiating script which could pass it
to the ssh session when it starts it up.
> To make this work, all of the internal machine names would have to
> resolve to your one external IP address.
>
Yes, in the same way that http:// virtual servers work.
More information about the rescue
mailing list