Yan Seiner wrote:
> Now you have to watch your transfers; you are tunneling TCP over TCP
> and that can be bad juju. Large transfers are likely to fail and
No, in this case youd do not run TCP in TCP, but you have just one TCP
session (the TCP connection of ssh session is "terminated" at each end).
There are three TCP connections, each with their own flow and conestion
control
client - TCP1 - ssh-tunnel (TCP2) - TCP3 - server
The problem is if you are running some VPN running on top of TCP
(openVPN in TCP mode, or some ppp over ssh tunnel) and run on unreliable
/ congested network then you may have two TCP congestion control
interacting badly.
But for the reverse tunneling with ssh
- for each host, create ssh keys (without passphrase,
$HOME/.ssh/forwarding.id)
- on server host, create an account and authorized_keys file that allows
only port forwarding and no commands for each public key of client key
- for each host, make script to start ssh on reboot, possibly some watchdog
- client one:
ssh -i $HOME/.ssh/forwarding.id -R 2201:localhost:22 remote.server.example
- client two:
ssh -i $HOME/.ssh/forwarding.id -R 2202:localhost:22 remote.server.example
Now you can on remote.server.example run 'ssh -p 2201 localhost' to get
for client one, 'ssh -p 2202 localhost' for client two and so on.
Markus
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/ts-7000/
<*> Your email settings:
Individual Email | Traditional
<*> To change settings online go to:
http://groups.yahoo.com/group/ts-7000/join
(Yahoo! ID required)
<*> To change settings via email:
<*> To unsubscribe from this group, send an email to:
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
|