Admin/ServiceConfig/SSHTunnelling

Almost all machines in UL are not on the Internet. They can only access the internet by going through proxy servers, or machines in the DMZ. The proxy server only serve very specific protocols, so for anything at all unusual, I create an SSH tunnel through a DMZ machine.

I've got logins to two machines in the DMZ, skynet.ie and portal.csisdmz.ul.ie. Tony Molloy should give any post-grad or staff member in CSIS an account on the latter if you ask him nicely. The procedure is the same for both machines.

A real-life example may make this clearer. I use machine A. I want to use a MUD served on btmux.com:5555 by tunnelling through skynet.ie

On A, add the following lines to your ~/.ssh/config:

Host skynet.ie
LocalForward 5555 btmux.com:5555

Now, install autossh (e.g. using "port install autossh" for [DarwinPorts]) and run

autossh -M 0 -Nf [MAILTO] poldy@skynet.ie

Now I can start my MUD client like

tf localhost 5555

and I will be connected to the remote server.

As well as the SSH method, one of the more useful proxy servers is for the SOCKS4a protocol. Someone may be able to get some joy out of this (although I'd be a lot more optimistic with SOCKS5). And finally, if anyone is interested, I ([MAILTO] poldy@skynet.ie) am using a similar setup to run a [distributed OS].

last edited 2006-07-07 19:58:05 by 193