[linux-elitists] SSH Tunneling

Seth David Schoen schoen@loyalty.org
Wed Sep 5 22:19:38 PDT 2001

Aaron Lehmann writes:

> Alice is a trusted laptop. It may travel on very hostile 802.11b
> networks, exist behind firewalls, etc. It has to communicate with Bob
> (a 3rd party machine) using an untrusted protocol. The data is not
> particularly sensitive, but should not be sent in plaintext behind
> these firewalls. I would like to tunnel the connection over ssh via a
> home machine. Is it possible to make a tunnel between Alice and this
> home machine so the data is relayed in plaintext to Bob?
> Authentication is not a big issue. I'd prefer to have this run off
> port 22 on the home machine, but could use another port if necessary.

Yes, traditionally via something like

ssh -f home-machine -L 1717:bob:17 sleep 1000000

Since even the hostile LAN's DNS may be hostile to you, you should
actually use bob's IP address, or at least have an /etc/hosts entry for

