FWD: HELP! SSH2 and firewalls

Thu, 6 May 1999 06:52:04 -0700 

-----BEGIN PGP SIGNED MESSAGE-----


This got munched by Majordomo because the word 'help' appeared at the 
start of the Subject: line ...

Martin


 ------- Forwarded Message

From: Ralph Seguin <[EMAIL PROTECTED]>
Date: Wed, 5 May 1999 17:05:11 -0700 (PDT)
Subject: HELP! SSH2 and firewalls
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]

Hi.
I've got some configuration and management questions
regarding SSH2 and firewalls.

I have a firewall machine running Linux (RedHat 5.2,
2.0.36, but willing to upgrade kernels) and ipfwadm as
well as other firewalling measures.

Suppose I have three hosts:


INTERNALHOST      <==>    FIREWALL    <==>   
EXTERNALHOST
(Intranet)                                   
(Extranet)
"fake" IP                                     Real IP
addr
192.168.1.X net


- From EXTERNALHOST, I can ssh2 into FIREWALL and then
rsh, rlogin or telnet into INTERNALHOST ("fake" IP 
ddr, 192.161.1.x subnet).  From INTERNALHOST, I can
ssh2 directly to EXTERNALHOST (real IP addr).

What I'd like to be able to do: -ssh2 directly from
EXTERNALHOST to INTERNALHOST in a secure manner
without involving any rlogin or rsh from FIREWALL.  I
do NOT want to create accounts for people on FIREWALL
(maybe one account, if necessary).

- -use ssh2 and scp2 to seamlessly talk back and forth
between INTERNALHOST and EXTERNALHOST

- -use CVS seamlessly between INTERNALHOST and
EXTERNALHOST

- -port forward, in a secure manner, various ports
(HTTP/80),
(Telnet/23), ...
from INTERNALHOST to EXTERNALHOST, so I can browse the
INTRANET

- -For security reasons, I do not want to create user
accounts on the firewall, nor do I wish to put
hostnames on it.

Anybody got recommendations?
URLs?
Are there GOOD ssh2 clients for Win32?
...

Any help is greatly appreciated.

Thanks.
- -Ralph
[EMAIL PROTECTED]


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

 ------- End of Forwarded Message



-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBNzGdztZdpXZXTSjhAQF/5wP/Tky4oAF0QWSBr/1O8IUWa3xoZllqAvcv
YbmD2Mf7VQSErHhi5H0kIBxgQE5/Mou9UAR++wj6bxxmFgcdnWtHK81z66hFKsHn
mpkt6v5TMzYXG9c14tnOtQUoCCZ/yxqcJZuf1F/fdWYCLjJBk7txhW7gUNST4cAs
RWd2sSYlNvo=
=sQLf
-----END PGP SIGNATURE-----

Reply via email to