Thomas DeBellis wrote...
> Yes, yes, I understand to read the man pages and that the accounts
> need to be set up, etc., etc.  I'm not asking for recommendations;
> I'm asking for concrete examples that somebody has done already as
> I am confused about the man pages.

OK.  Here's an example.  We run sshd out of inetd.conf on all our
systems here.  To do so, this is what inetd.conf looks like:

localhost:~> grep sshd /etc/inetd.conf
sshd    stream  tcp     nowait  root    /usr/local/sbin/sshd    /usr/local/sbin/sshd -i

The -i tells sshd that it's being run out of inetd.conf - do not
run it on the command line with the -i option.

*NOTE* You must have an entry in /etc/services for sshd or else this will
not work, you'll get errors.

localhost:~> grep sshd /etc/services
sshd            22/tcp

And of course, do a kill -HUP on the PID of inetd once you make that change
to /etc/inetd.conf

> The man page for ssh doesn't say *anything* at all about inetd. So,
> what is it?  -L?  -R?  Which one?  What's the line in inetd.conf
> look like?

For port forwarding you don't do anything with sshd, it's with ssh.

For example, we have a POP server here for getting email.  Well, I'd
rather not send my POP password over the wire in plain text every time
I check my email, so what I did was set up port forwarding between
my machine and the mail server, so I connect to localhost port 20110
instead of to the mail server on port 110.  Me giving my password to
the mail server is now done over a secure encrypted channel via SSH.

To initiate this port forwarding, I issue this command from my workstation:

localhost:~> ssh -L 20110:mail.domain.com:110 mail.domain.com

What that does is ssh me into mail.domain.com, redirecting localhost
port 20110 to port 110 on mail.domain.com.

Adjust the port numbers to your liking, but hopefully this should clear
it up.  Of course, there has to be an sshd process running on mail.domain.com,
either out of inetd.conf using the -i option or in standalone mode, with no 
options, and you have to have a valid account on mail.domain.com.

Hope this helped some.

Josh
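
The two requirements in the message above (the -i argument in inetd.conf and a matching /etc/services entry) can be checked mechanically before sending inetd the HUP. This is an added example, not part of the original post; the function name check_inetd_sshd and the sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example. check_inetd_sshd is a hypothetical helper name.
# Usage: check_inetd_sshd INETD_CONF SERVICES
# Prints one finding per sshd entry; returns 0 only if every entry is usable.
check_inetd_sshd() {
    awk -v services="$2" '
        BEGIN {
            bad = 0; seen = 0
            # Index the services file as name/proto -> port/proto, ignoring comments.
            while ((getline line < services) > 0) {
                sub(/#.*/, "", line)
                if (split(line, f, " ") >= 2) {
                    split(f[2], pp, "/")
                    port[f[1] "/" pp[2]] = f[2]
                }
            }
        }
        /^[ \t]*#/ || NF < 6 { next }     # skip comments and incomplete lines
        $6 !~ /(^|\/)sshd$/  { next }     # keep entries whose server program is sshd
        {
            seen = 1; ok = 1
            key = $1 "/" $3               # service name plus protocol, e.g. sshd/tcp
            has_i = 0                     # $7 is argv[0]; real arguments start at $8
            for (n = 8; n <= NF; n++) if ($n == "-i") has_i = 1
            if (!(key in port)) { print "FAIL " $1 ": no " key " entry in services"; ok = 0 }
            if (!has_i)         { print "FAIL " $1 ": sshd started without -i"; ok = 0 }
            if (ok) { print "OK " $1 " -> " port[key] } else { bad = 1 }
        }
        END {
            if (!seen) { print "FAIL: no sshd entry found"; bad = 1 }
            exit bad
        }
    ' "$1"
}

# Constructed sample files (not from a real host), mirroring the lines in the post.
tmp=$(mktemp -d)
printf 'sshd\tstream\ttcp\tnowait\troot\t/usr/local/sbin/sshd\t/usr/local/sbin/sshd -i\n' > "$tmp/inetd.conf"
printf 'pop3\t\t110/tcp\nsshd\t\t22/tcp\n' > "$tmp/services"
check_inetd_sshd "$tmp/inetd.conf" "$tmp/services"
```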
