I wanted to fetch a remote ssh port into my home computer which is behind
the cable modem and the NAT that the cable system is doing on the address
its DHCP gave out to me.  That way I could, from any third location, say
from my laptop on the road, ssh into my home computer through the tunnel
that ssh establishes.

I was successful in doing this under the circumstances where I assigned a
spare IP address as a second alias to the machine where I wanted to
establish the remote open end of the tunnel.

First I modified the /etc/ssh/sshd_config in the remote computer so that I
had the parameter:

GatewayPorts clientspecified

instead of the default which is "no".

Then I issued a

ssh -R aliasIPaddress:22:localhost:22 [EMAIL PROTECTED]

and left it running.


Then I signed into a third site and did a

ssh [EMAIL PROTECTED]

and after giving my password at my home computer everything worked great.
I could see that as soon as I listed the contents of my home directory, I
was in the home computer rather than the one at the remote site.  That
way I would be able to initiate a connection into my home computer even
though it was behind a NAT.

Now the aliasIPaddress "binding" is supposed to be optional, and I thought
that instead of using up an IP address at the remote site, it would be nice
to just set up listening on, say, port 435 for ssh and just forward that
particular port to the home machine.

Accordingly I set up listening on two ssh ports in the sshd_config of the
remote machine.

Port 22
Port 435

and I changed the other parameter to:

gatewayPorts yes


Which means, to my understanding, that a forwarded port on any address
would be allowed.

Then I tried:

ssh -R 435:localhost:22 [EMAIL PROTECTED]

The ssh above did connect, but I saw an error message (approx:) "remote
port forwarding failed".   And attempts to connect from a third (outside)
site like:

ssh -p 435 [EMAIL PROTECTED]

half worked, but left me at the remote site -- in other words the port
forwarding didn't work, as anticipated by the error message in trying to
set up the tunnel.

All three sites are Intel.  The remoteIP is OpenBSD3.8 and the home
machine is 3.7.

Before I dig into every possible bit of ssh history, configuration and
software setups, is there anyone out there successfully using port
fetching (with -R, as opposed to port forwarding with -L) who could discuss
it a bit with me?

Thanks,

Austin
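
An added example, not part of the original post: a preflight check that takes sshd_config text and an `ssh -R` spec and reports which address sshd would bind, whether that collides with a port sshd itself listens on, and whether the listener ends up exposed on every interface. It assumes sshd listens on the wildcard address (no ListenAddress lines); `192.0.2.10` is a constructed stand-in for the alias IP address, and `login_is_root` is a hypothetical parameter because the post does not say which account was used.

```python
# Added example: preflight check of an `ssh -R` request against sshd_config.
# Assumes sshd listens on the wildcard address (no ListenAddress directives).

def parse_sshd_config(text):
    """Return (listening ports, GatewayPorts value) from sshd_config text."""
    ports, gateway = [], None
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        key, value = fields[0].lower(), fields[1].lower()  # keywords are case-insensitive
        if key == "port":
            ports.append(int(value))
        elif key == "gatewayports" and gateway is None:
            gateway = value  # the first occurrence wins
    return ports or [22], gateway or "no"


def check_remote_forward(spec, config_text, login_is_root):
    """Return (address sshd would bind, list of findings) for a -R spec."""
    parts = spec.split(":")  # [bind_address:]port:host:hostport, no IPv6 literals
    if len(parts) not in (3, 4):
        raise ValueError("expected [bind_address:]port:host:hostport")
    bind = parts[0] if len(parts) == 4 else None
    port = int(parts[-3])
    ports, gateway = parse_sshd_config(config_text)
    if gateway == "yes":
        effective = "*"  # server forces the wildcard address
    elif gateway == "clientspecified" and bind is not None:
        effective = "*" if bind in ("", "*") else bind
    else:
        effective = "localhost"  # "no", or no bind address requested
    findings = []
    if effective == "*" and port in ports:
        findings.append("port %d is already bound by sshd itself" % port)
    if port < 1024 and not login_is_root:
        findings.append("port %d is privileged; only a root login may forward it" % port)
    if effective == "*":
        findings.append("listener is exposed on every interface")
    return effective, findings


# Constructed inputs mirroring the two attempts in the post.
FIRST = "Port 22\nGatewayPorts clientspecified\n"
SECOND = "Port 22\nPort 435\ngatewayPorts yes\n"

if __name__ == "__main__":
    print(check_remote_forward("192.0.2.10:22:localhost:22", FIRST, True))
    print(check_remote_forward("435:localhost:22", SECOND, True))
```

For the second configuration the check reports that port 435 is already held by sshd's own listener, which matches a client landing on the remote machine's sshd when it connects to that port.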