Hi Misc,

This is a trivial question but I am having a hard time wrapping my head around the possible use of relayd for ssh traffic redirecting. Namely I have a situation where I have multiple hosts behind a firewall which I would like to make available for ssh login.
In the past I was using different port numbers to accomplish this:

pass in on egress inet proto tcp to (egress) port 1671 rdr-to $mpi
pass in on egress inet proto tcp to (egress) port 1672 rdr-to $gpu
pass in on egress inet proto tcp to (egress) port 1673 rdr-to $hammer

However I was wondering if I could use relayd in conjunction with PF to avoid different port numbers. I would like to have something like

ssh u...@mpi.mylab.org going to mpi machine
ssh u...@mpi.mylab.org going to gpu machine
ssh u...@hammer.mylab.org going to hammer machine

on the default port 22. The reason is ridiculous of course. I prefer to use something like relayd than to explain to 20 people how to change the port on their putty clients.

It looks to me that the very least that can be accomplished is to have some kind of load balancing where ssh traffic is redirected to one of three available hosts mpi, gpu, and hammer, but how do I force redirection to a particular host just based on the name of the ssh request? Note that the ssh hosts have no routable addresses and the only DNS record is the one I keep in my Unbound (caching only server).

Most Kind Regards,
Predrag