[ale] ssh -R (was Re: Have I been hacked?)

Sean C. McCord scmlist at cycoresys.com
Tue Jan 13 11:01:06 EST 2009


On Tue, Jan 13, 2009 at 10:53:13AM -0500, Sean C. McCord wrote:
> On Tue, Jan 13, 2009 at 09:53:54AM -0500, Jeff Lightner wrote:
> > What is port 1101 in this configuration?
> 
> An arbitrary TCP port on your local box which will be tunneled through the SSH
> connection to port 22 on 192.168.122.132.

I should also note that, although it is arbitrarily numbered, there are
two notable restrictions:
- It must not be used by another service on the same interface which it
  binds to (localhost).
- It must be a port above 1000 (i.e., insecure) if you are not root.

> Don't be confused by the 5555, since that is unique to Ed's setup.  That
> is simply the SSH port on 192.168.1.46 which is open to the local box.
> 
>  
> > -----Original Message-----
> > From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Ed
> > Cashin
> > Sent: Tuesday, January 13, 2009 9:41 AM
> > To: ale at ale.org
> > Subject: Re: [ale] ssh -R (was Re: Have I been hacked?)
> > 
> > I'm mainly interested in ssh-ing into virtual machines running
> > Linux on a Mac mini running VMware Fusion, at this time.
> > 
> > Now that I can do that (Thanks, Chris!), I wanted to share the
> > magic command.
> > 
> > Background info:
> > 
> >   The office network is 192.168.1.0/24.
> > 
> >   My workstation's IP on the office network is 192.168.1.46.
> >   Its name is "meili".
> > 
> >   Meili's ssh daemon is listening on a non-standard port, 5555.
> > 
> >   The virtual machine is running CentOS, and VMware Fusion's
> >   NAT has assigned it the address 192.168.122.132.  (The
> >   192.168.122.132/24 network is a virtual network existing inside
> >   of the Mac mini.)  The VM's name is "burke".
> > 
> > The mac mini's IP on the office network doesn't figure into the
> > command at all, so I won't mention it.
> > 
> > At a shell prompt on burke, as ecashin, I run,
> > 
> >   ssh -p 5555 -v -N -T -R 1101:192.168.122.132:22 192.168.1.46
> > 
> > ... or in English,
> > 
> >   ssh to meili's port 5555 and set up a tunnel from meili's
> >   localhost port 1101 to burke's port 22.
> > 
> > Back at my workstation meili, I can ssh into burke as user
> > ecashin via,
> > 
> >   ssh -p 1101 127.0.0.1
> > 
> > -- 
> >   Ed Cashin <ecashin at noserose.net>
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > ----------------------------------
> > CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
> > ----------------------------------
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale


More information about the Ale mailing list