On Tue, 14 Dec 1999, Atro Tossavainen wrote:
> > I have the following setup:
> > Machine A (which I am on) has access to machine B and the rest of the
> > internal net.
> >
> > Machine B has sshd running on it and has access to the outside world.
> >
> > Machine C I'd like to ssh to.
>
> No tunneling required. Just force tty allocation in the first session:
>
> A% ssh -t B ssh C
>
> and you're in business.
But that would allow an intruder on B to compromise your session to C. If you use a
tunnel like so:
A% ssh -o 'ProxyCommand ssh B nc C 22' C
then your session is encrypted and authenticated from A to C. This assumes that you
have netcat (nc) installed on machine B. Here is one way to do it if you can't install
something like netcat on B.
A% ssh -f -L2000:C:22 B sleep 12
A% ssh -p 2000 localhost
Amanda.
