Belgium
Aug - 07

7

SSH to intranet hosts from outside – SSH gateway

Posted in General, Work on August 7th, 2007 by Nicolas

For some of the latest projects I’m working on, it is required that I quite frequently access various machines that are located behing a corporate firewall, on a privately adressed subnet inside a company.

One option I had but got fed up with quite fast was :

 outside$ ssh nicolas@gateway 
 gateway$ ssh root@box1 
 box1# 
or  
 ssh -t nicolas@gateway ssh root@box1

Once again, SSH came in handy and I found that everything was there for me to have that first hop and re-ssh done automatically. Just added the following to my ~/.ssh/config

 Host gateway       
 Hostname gateway.example.org       
 User nicolas 

 Host box1       
 Hostname 192.168.0.1       
 User root       
 ProxyCommand ssh gateway nc -w 1 %h 22

This, coupled to ssh’s passwordless authentication made my day a lot easier ;)

Tags: ,
Aug - 07

6

Auto SSH-Tunnel to a CVS repository with eclipse

Posted in Java & Eclipse, Work on August 6th, 2007 by Nicolas

Some of the software projects I’m involved in require access to a CVS repository which is behind a corporate firewall that will drop all incoming traffic which is not directed to a specific machine (the SSH server) on port 22. This situation made it hard to code from outside the organization’s network.

12

Some geekery would be to setup an SSH tunnel from the eclipse machine that would encrypt pserver while outside of the organization and forward it from the SSH server to the CVS server. This could be done by executing the following command:

ssh -L2401:cvs.example.org:2401 ssh.example.org

One would then configure eclipse to access the CVS repository located at localhost using pserver, ssh would do the rest.

This method is now “integrated” into eclipse. When going to File->New->Project->CVS->Project from CVS, you can now choose the pserverssh2 connection method.

You then have to fill the “Host” field using this syntax:

sshlogin@ssh.example.org#sshPort@cvs.example.org

or

sshlogin@ssh.example.org@cvs.example.org

if the ssh server listens on the default port 22.

You then fill in the username and password with your pserver CVS’ credentials and you’re all set!

Enjoy!

Tags: