LINUX.ORG.RU

comp1: ssh serv -R 22000:localhost:22

comp2: ssh serv -L 22000:localhost:22000

comp2: ssh locahlost -p 22000

comp2:22000 -----> serv:22000 -------> comp1:22 q.e.d

man ssh на тему -L, -R

lodin ★★★★
() 

кроме проброса портов
man ssh
SSH-BASED VIRTUAL PRIVATE NETWORKS
     ssh contains support for Virtual Private Network (VPN) tunnelling using
     the tun(4) network pseudo-device, allowing two networks to be joined
     securely.  The sshd_config(5) configuration option PermitTunnel controls
     whether the server supports this, and at what level (layer 2 or 3 traf‐
     fic).

     The following example would connect client network 10.0.50.0/24 with
     remote network 10.0.99.0/24, provided that the SSH server running on the
     gateway to the remote network, at 192.168.1.15, allows it:

           # ssh -f -w 0:1 192.168.1.15 true
           # ifconfig tun0 10.0.50.1 10.0.99.1 netmask 255.255.255.252

     Client access may be more finely tuned via the /root/.ssh/authorized_keys
     file (see below) and the PermitRootLogin server option.  The following
     entry would permit connections on the first tun(4) device from user
     “jane” and on the second device from user “john”, if PermitRootLogin is
     set to “forced-commands-only”:

       tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... jane
       tunnel="2",command="sh /etc/netstart tun1" ssh-rsa ... john

     Since a SSH-based setup entails a fair amount of overhead, it may be more
     suited to temporary setups, such as for wireless VPNs.  More permanent
     VPNs are better provided by tools such as ipsecctl(8) and isakmpd(8).

sdio ★★★★★
()
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.
Admin