f



ssh port forward - for port range

Hi,

Im trying to set up ssh local port forward.
But I dont know the ports to connect to on the remote machine
beforehand.

Is it possible to setup  forward  for a range of ports?


thanks
rc

0
11/21/2006 11:57:54 PM
comp.security.ssh 4228 articles. 0 followers. terra1024 (490) is leader. Post Follow

2 Replies
848 Views

Similar Articles

[PageSpeed] 8

You can specify multiple ports to forward on the command line, or
establish a VPN if you have the need for UDP. See:

http://www.securitybulletins.com/mediawiki/index.php/SSH_Tunnelling

for info on both types.

Doug

On 21 Nov 2006 15:57:54 -0800
chandranramesh@gmail.com wrote:

> Hi,
> 
> Im trying to set up ssh local port forward.
> But I dont know the ports to connect to on the remote machine
> beforehand.
> 
> Is it possible to setup  forward  for a range of ports?

-- 
For UNIX, Linux and security articles
visit http://SecurityBulletins.com/ 
0
11/22/2006 12:38:48 PM
In article <1164153474.108673.130230@b28g2000cwb.googlegroups.com>
chandranramesh@gmail.com writes:
>
>Im trying to set up ssh local port forward.
>But I dont know the ports to connect to on the remote machine
>beforehand.

You could perhaps use OpenSSH's "dynamic" port forwarding, i.e. SOCKS -
see the -D option.

>Is it possible to setup  forward  for a range of ports?

Not as such (with OpenSSH), though (with OpenSSH) you can AFAIK give any
number of -L options - i.e. a range is just a matter of giving one -L
option for every port in the range. A bit verbose, but the end result
would be the same - ssh (any flavour) would need to open a separate
socket for every port in the range, there's no such thing as wildcarding
or "ranging" the port in the socket API.

--Per Hedeland
per@hedeland.org

0
per71 (2634)
11/25/2006 7:57:28 PM
Reply:

Similar Artilces:

Prevent blocking remote port when setting up a SSH tunnel/SSH port forwarding?
Assume I create an SSH tunnel to a remote computer with ssh foobar@remcomp -L 20110:remcomp:110 then it seems to me that on the remote computer port 110 is blocked for other clients. Is this true? How can I prevent this exclusive locking? Peter pins1000@yahoo.com (Peter Insold) writes: > Assume I create an SSH tunnel to a remote computer with > > ssh foobar@remcomp -L 20110:remcomp:110 > > then it seems to me that on the remote computer port 110 is blocked for other > clients. Is this true? No. DES -- Dag-Erling Smørgrav - des@des.no...

Ports for DB2 behind firewall / ssh port forward
hi newsgroup, I'd like to connect to a remote DB2 Database V 8.2 using the "DB2 Steuerzentrale" (I guess it's called something like "DB2 management console" in the English version). Since the database host is behind a firewall I tried to communicate through ssh port forwarding. Therefore, I run: ssh -L 6789:remotename:6789 -L 50000:remotename:50000 -L 50001:remotename:50001 -L 523:remotename:523 remotename Though the ssh connection is established, my "DB2 Steuerzentrale" won't connect to localhost successfully and shows an error num...

port tunneling over ssh (not port-forwarding in the traditional sense)
Does anybody know of a way to do port forwarding over ssh not using the standard ssh functionality, but rather by running a utility on the server and using a special client that forwards data through the terminal session. I think PPP and slirp would do the job, but I would prefer to have a standalone client that exists solely to forward one (or several) ports, rather than acting as my main network connection. > Does anybody know of a way to do port forwarding over ssh not using the > standard ssh functionality, but rather by running a utility on the server > and using a spe...

forwarding a port-range over ssh automaticly
hi. i need to forward a port-range eg. 5000-5100 to allways chaanged ips. socks connection cann forward everything. i need from ssh to do the same. but how? its not so easy to type all this ports, but its makeable. to config the always changing target-host is imposible. i would very thankfull if someone finds out how to do this. Yazay Eminaga <yazay@mytum.de> writes: >i need to forward a port-range eg. 5000-5100 to allways chaanged ips. >socks connection cann forward everything. i need from ssh to do the same. Many SSH clients can present a local SOCKS proxy for on-the-fly po...

FTP port forwarding in SSH.. Secure??
I was trying the "FTP Port Forwarding" to secure the FTP transfer). I really like it, but I have a question: On the unix manual pages (man ssh2), the description of the "-L" option indicates that part of the connection is not secure when you use FTP Port Forwarding, could someone please explain me what part is not secure? Is it referring to the FTP data which is non-encrypted inside the tunnel? Below is text from manual page for F-Secure SSH2 SSH2 SSH2(1) ...

Ports....Ports....Ports...
I have a linksys WRT54G wireless access point and I have't been able to get voice communications using Windows Messenger or Buddy Talk. With a direct PPOE connection to my isp they voice items worked fine. What ports need to be forwarded to allow for voice? Thanx, Grumpy On Fri, 08 Aug 2003 15:05:30 GMT, William Harper spoketh >I have a linksys WRT54G wireless access point and I have't been able to get >voice communications using Windows Messenger or Buddy Talk. With a direct >PPOE connection to my isp they voice items worked fine. What ports need to >be forwarded...

remote/reverse port forward, ssh client setting source IPs to what ssh server reports
Note: most of this post is based on OpenSSH When I do a remote forward (port on server listens for incoming traffic, traffic gets forwarded to port that is listening on client), the source IPs of all the incoming connections in the server app on the client machine are 127.0.0.1/localhost. Using "-v", I can see that sshd passes the IP addresses of what computers connected to the sshd's port that forwards to the client. The client does not use/set the originating information when connect. RFC 4254 requires the server send the originating IP across the wire to the client. ------------------------------------------------------------------------------------------------------------------------- 7.2. TCP/IP Forwarding Channels When a connection comes to a port for which remote forwarding has been requested, a channel is opened to forward the port to the other side. byte SSH_MSG_CHANNEL_OPEN string "forwarded-tcpip" uint32 sender channel uint32 initial window size uint32 maximum packet size string address that was connected uint32 port that was connected ###string originator IP address########################################### uint32 originator port -------------------------------------------------------------------------------------------------------------------------- The 'originator IP address' is the numeric IP address of the machine from where the conn...

ssh.com v3.2.9.1 slow performance with ftp over ssh port forwarding?
Hi, i am using a ssh port forwarded tunnel to secure a ftp connection between 2 linux boxes. both run the same ssh version, mentioned in subject. what i do is: ssh -l username remotehost -L ftp/10001:localhost:21 ftp/ should ensure that the data channel is encrypted via the tunnel as well, not only the control channel. anyways, i got a 3 mbit dsl line here, and am not able to get more than 210KByte/sec over the forwarded ftp connection. i treid the same setup to other machines as well, same results. i tried changing the ciphers, performance stays the same. i mean i would expect some overh...

Forward only some ports through ssh
Hello, Is it possible to forward only some ports (cvs and mysql for example) through ssh using the authorized_keys. Thank you. ...

ssh port forwarding
Hello! Please, explain me where I'm wrong. I have two machines with linux and FreeBSD and I desire to have a secure tunel for HTTP between them. So I make it in the following way: linux@lunc:~$ ssh -2 -L 1234:localhost:6661 lunc@freebsd freebsd@lunc|~$ and afer that I tried to make following HTTP request "http://localhost:1234/" on my linux box by Firefox browser. However, I saw by tcpdump that http wasn't tuneled: linux@root# tcpdump -X -s 128 -v port 6661 ......... 19:47:07.980462 IP (tos 0x0, ttl 64, id 62776, offset 0, flags [DF], proto: TCP (6), le...

SSH Port forwarding
Hi All, I am running an application over telnet interface on port say 5566 So I generally connect telnet <hostname> 5566. How to connect to the application via ssh (using ssh portforwarding.) Thanks and Regards, Jc Jc wrote: > Hi All, > > I am running an application over telnet interface on port say 5566 > So I generally connect telnet <hostname> 5566. > > How to connect to the application via ssh (using ssh portforwarding.) > > Thanks and Regards, > Jc > ssh -L 5566:localhost:5566 userid@remotehost telnet localhost 5566 Hi, Thanks. It works. But what happens is it directly logged into the remotehost which I don't want. I want the user to get only the info through the port 5566 (ssh). Any way? Thanks in advance, Jc Chuck wrote: > Jc wrote: > > Hi All, > > > > I am running an application over telnet interface on port say 5566 > > So I generally connect telnet <hostname> 5566. > > > > How to connect to the application via ssh (using ssh portforwarding.) > > > > Thanks and Regards, > > Jc > > > > ssh -L 5566:localhost:5566 userid@remotehost > > telnet localhost 5566 On 9 Jan 2007 23:38:46 -0800 "Jc" <ramschitra@gmail.com> wrote: > Hi, > Thanks. It works. > But what happens is it directly logged into the remotehost which I > don't want. I want the user to get only the info through the port 5566 > (ssh)...

SSH and forwarding port
Hi, I want to use SSH from my work desk to the client site for doing some diagnosis on electronic systems. The network will be like that: One PC at work desk with ssh client on private LAN. SSH client is configured for forwarding port 9000 for example (in fact, my diagnosis application). A firewall accept the outgoing connection by port 22. At the client site, one PC with SSH server. The connection to Internet will be by DSL link and some servers (diagnosis servers) will be connected on the Ethernet private network on site (by Ethernet connection on the SSH server PC). My question is this o...

SSH
Having got SSH working on my Solaris 2.8 Ultra (Thanks list) I now have a question regarding making the port a bit more secure. Almost as soon as 22 was opened on the firewall I saw an attempt to get in from North Korea :-( What I have done so far is to: Move the port from 22 to above 1024. Turn off allowing root. Turn off password checking so you have to have a known rsa key. Is this enough or can I improve on this? TIA -- Regards Dave Saville NB Remove no-spam- for good email address "Dave Saville" <dave@no-spam-deezee.org> writes: >Having got SSH working on my...

SSH and Port Forwarding
I'm running SSHWindows (sshd) on a Win2k server on port 2345. From a client I can connect using "ssh -p 2345 Administrator@server" just fine. I also have VNC running on this server at port 5900. I can configure port forwarding by typing "ssh -p 2345 -L 1234:server:5900 Administrator@server" and then connect to localhost::1234 on the client to establish a VNC connection. Now I assumed that the only port needing to be opened on my firewall would be port 2345 but I'm finding that this doesn't work unless I also open port 5900. I'm guessing that'...

ssh port forwarding
Hello, I am trying to get access to a friends' computer via ssh. Unfortunately, his computer is behind a router which doesn't support NAT (Network Adress Translation). Consequently, I cannot connect directly on his computer using a command like "ssh user@ip_adress" because his router is blocking me. Then, I got the idea that perhaps if my friend would start a ssh connection from HIS computer to MINE, and then somehow by tunneling I would be able to get access to his computer. But after having read the manpages of ssh and something on the internet, I must state that I do n...

ssh, port forwarding
Does anyone know why ssh connections use seemingly random port numbers? At least it appears that way in a tcpdump output: "192.168.1.201:61032 > 192.168.1.1.ssh", or "192.168.1.1.ssh > 192.168.1.201.56365" ...and others. I'm trying to ssh in to .201 from the WAN. .1 is running a nat- enabled firewall (FreeBSD 7.0, natd, ipfw) and is configured to forward port 2222 to 192.168.1.201:22. But I cannot connect, and I've narrowed the problem down to my firewall, which only has 22, 67, 80, and 2222 open for incoming connections. Is there a specific range I should open up, e.g. 45000-65535 ? I would appreciate any insight... Thanks, Steven Steven Borrelli <sborrelli8@gmail.com> wrote: > Does anyone know why ssh connections use seemingly random port > numbers? At least it appears that way in a tcpdump output: > > "192.168.1.201:61032 > 192.168.1.1.ssh", or "192.168.1.1.ssh > > 192.168.1.201.56365" ...and others. TCP connections have two port numbers. The one on the client end, and the one on the server end. It's common to not specify a port for the client and have the OS pick one for the connection, and specify only the one on the server. That's what SSH is goind. This tells us that the 1.1.ssh side is the server side, and the 1.201.xxx side is the client. > I'm trying to ssh in to .201 from the WAN. .1 is running a nat- > enabled firewall (FreeBSD 7.0, natd, ipfw) an...

ssh port forwarding
Hi all, I want to use ssh port forwarding to make a secure channel between client and server CVS. I had find a lot of info about how to setup port forwarding without a remote login in a client (using -f option) but I do not want to setup that in the client side but I want to setup it only in the server side. In this way any client, without specify -f option, can use port forwarding without a remote login. Someone know how to setup that?? Thanks, Johnny Johnny Choque wrote: > Hi all, > > I want to use ssh port forwarding to make a secure channel between client > and server CVS. I had find a lot of info about how to setup port forwarding > without a remote login in a client (using -f option) but I do not want to > setup that in the client side but I want to setup it only in the server > side. In this way any client, without specify -f option, can use port > forwarding without a remote login. > > Someone know how to setup that?? I think you are misreading the -f option, it doesn't allow you to use ssh without having a login on the server, it puts the login in the background. Not the same thing. -- -bill davidsen (davidsen@tmr.com) "The secret to procrastination is to put things off until the last possible moment - but no longer" -me ...

Port forwarding ranges of ports in IOS
Is this possible? For instance, I want to port forward inbound a VoIP providers UDP ports (e.g. 16000 16500). I cannot find anything about how to do this so I'm thinking it's not possible. Thanks On Aug 25, 7:23 am, locken...@gmail.com wrote: > Is this possible? For instance, I want to port forward inbound a VoIP > providers UDP ports (e.g. 16000 16500). I cannot find anything about > how to do this so I'm thinking it's not possible. > > Thanks Hi, you can use the 'range' parameter in the access list's command, i.e.: access-list 100 permit ud...

Why is port forwarding more secure than opening up a port?
I have never understood this very well, here is my current grasp of it.. If I open up port 110 on my router: 1. If hacker is probing random IP addresses on that port, I will be flagged as open and he will come back and pay me a visit. 2. Any Trojans, viruses, or other malware that works its way into PCs via port 110 will eventually stumble across my open port and infect me. Alternatively, if I "forward" port 110 to say 192.168.0.5 (my pop3 server PC): 1. If hacker is probing random IP addresses on that port, will I will be flagged as closed? stealthed? worth a second visit?...

Port Forwarding: Device:Port = Router:Port?
- Webcam's IP addr = 10.0.0.140, and it's set up to use port 8000 - Router's IP addr = 1.0.0.1, and it's port forwarding is set up to forward port 8000 to 10.0.140. - I can view the camera using 10.0.0.140:8000, no problem. The Question: Should I be able to view the camera using 10.0.0.1:8000? -- PeteCresswell On Wed, 31 Aug 2011 08:13:01 -0400, "(PeteCresswell)" <x@y.Invalid> wrote: > - Webcam's IP addr = 10.0.0.140, and it's set up to > use port 8000 > > - Router's IP addr = 1.0.0.1, and...

ssh tunnel to non-standard ssh port
I have an instance where I am wanting to connect to a remote server which has ssh listening on a non-standard port (22170). I cannot create a ssh tunnel without ssh also listening to port 22 or have no port assigned -- I also have to open port 22 on my firewall. Is there a way that I can create a ssh tunnel to a remote server which has ssh listening on a non-standard port? Here is my tunnel command: ssh -f -N -R 22170:localhost:22 user@10.10.10.1 TIA gmac63 Am Mon, 20 Aug 2007 04:03:38 -0700 schrieb gmac63: > I have an instance where I am wanting to connect to a remote server > whi...

To Port Forward or Not To Port Forward
System: DP MDD G4, OS 10.4.9 Inet connection: DSL with static i.p.,Broadcom Gateway to Linksys WRT54G Wireless Router using DHCP, 1 computer connected via enet, 3 connected wirelessly, basic home use only Wireless security is very basic: Unique router name and pw, SSID disabled, and connections allowed by MAC addresses only, Linksys firewall is enabled with all the other features set to their defaults, Mac OS firewall is disabled I recently purchased a Logitec QuickCam Pro 5000 webcam that works just fine with iChat right out of the box. Learning how to use it I found some Apple docs and ot...

SSH port forwarding/tunneling
I've got a question about port forwarding.... I have a machine that will be located remotely. I have ssh installed on this machine. I cannot install any sort of VPN on this machine. The machine will be behind a firewall, so I need a way to access this machine. What I'd like to do is set up a persistent ssh connection to my server, and then portforward back through this connection so I can connect to the ssh server on the machine..... One more time: machine A is at my desk. machine B is far, far away. Machine B connects to machine A via ssh, forwarding some port that connects b...

WRT54GS and port forwarding ssh
Hi all, I've got a WRT54GS that I just upgraded to HyperWRT 1.21 Beta 1. I'm having a problem. I can't seem to get port forwarding to work on my router, either before or after the upgrade. I've got a linux box as my machine and I'm trying to port forward ssh and a HTTP server on port 1000. I've set up the router to forward those ports, enabled them saved the configuration, all of that, but I can't connect to the ports at all on the IP assigned to the router by my provide. I use Charter as my provider, and they tell me they don't block any ports from their end. ...

Web resources about - ssh port forward - for port range - comp.security.ssh

Forward - Wikipedia, the free encyclopedia
Vorwärts! ("Forward!"), a radical paper in German published from Paris in 1844, covering topics of art, science, theater, music, literature and ...

Spring Forward: 10 Tips For Adjusting to the Time Change
... heart of winter, it gets dark as early 4:00 p.m. The sun doesn’t come up until after 8:00 a.m. during that time of year, either. Spring Forward ...

Ben Carson says 'no path forward' in his bid for White House
Business Insider Ben Carson says 'no path forward' in his bid for White House Business Insider FILE - In this March 1, 2016 file photo, Ben ...

Carson: No "path forward," will skip next debate
The Republican presidential candidate will address supporters at Friday's Conservative Political Action Conference in Maryland

Ben Carson doesn't see 'a political path forward'
CNN Ben Carson doesn't see 'a political path forward' CNN (CNN) Ben Carson doesn't "see a political path forward" in the Republican presidential ...

Ben Carson drops out of GOP debates, sees 'no political path forward' to the presidency
... came and went with nary a mention of Dr. Ben Carson's name—much less any concrete delegate support—Carson says he sees no political path forward ...

More than 50 million mobile VR devices to ship by 2020 as virtual reality takes step forward at MWC 2016 ...
Virtual reality (VR) took a step forward at Mobile World Congress (MWC) 2016. At the Samsung S7 launch, Mark Zuckerberg spoke of the Oculus/Samsung ...

Why Multimedia Production Will Push Your Brand Forward
Why Multimedia Production Will Push Your Brand Forward written by Guest Post read more at Duct Tape Marketing photo credit: Pixabay It’s no ...

Middle-East Tech Conferences Drive The Region Forward With Confidence, Not War
Last week in Beirut a large group of disparate people gathered to find out what the future held in store. This, however, was not an assembly ...

Full Episode: This Week 03/06/16: GOP Members Come Forward During Primary Nomination Process
Guests: Bernie Sanders, John Kasich, Glenn Beck, Reince Priebus, Matt Dowd, Cokie Roberts, Van Jones, Ana Navarro

Resources last updated: 3/7/2016 9:12:10 PM