0

I have the following scenario

                                                                                                                  
               Local Network                     |                          Global Network                        
                                                 |                                                                
                                                 |                                                                
                                                 |                                                                
                                                 |                                                                
                                                 |                                                                
                                                 |                                                                
                                                 |                                                                
+------------+              +-----------+        |               +----------+                   +----------------+
|   client A | -----------> |  server A | <--------------------> | server B | --------------->  | Global Network |
+------------+              +-----------+        |               +----------+                   +----------------+
                                                 |                                                                
                                                 |

The challenge ahead:

Transfer all traffic from server A to server B. Since all tunnel protocols are closed in server A, I thought reverse ssh is a good option.

I use the following command for making reverse ssh: ssh -fNT -R 4000:localhost:22 ubuntu@62.45.xx.xx -i <private-key>

Now on server A I can see that port 4000 is opened. but I don't know how to transfer the traffic as a whole to server B

Arash Sadeghizadeh
  • 11
  • 1
  • *"Since all tunnel protocols are closed in server A, I thought reverse ssh is a good option."* - Generally there is a policy/reason for such things and (regardless of your opinions and your inconvenience) circumventing your corporate policy is usually *not* the *good* option. Whatever good intentions you have, what you're actually attempting is often considered [data exfiltration](https://en.wikipedia.org/wiki/Data_exfiltration) ... - And practically speaking, forwarding specific protocol and targeted traffic may be easier. – diya Dec 19 '22 at 13:12
  • Yes, or in a situation where everything has been filtered for you I am not referring to a specific country – Arash Sadeghizadeh Dec 19 '22 at 13:14

1 Answers1

0

My immediate thought is to create a tun interface and setup routing appropriately. As you see below from ssh man the following commandline argument is available.

-w local_tun[:remote_tun] Requests tunnel device forwarding with the specified tun(4) devices between >the client (local_tun) and the server (remote_tun). The devices may be specified by numerical ID or the keyword “any”, which >uses the next available tunnel device. If remote_tun is not specified, it >defaults to “any”. See also the Tunnel and TunnelDevice directives in >ssh_config(5).

If the Tunnel directive is unset, it will be set to the default tunnel >mode, which is “point-to-point”. If a different Tunnel forwarding mode it >desired, then it should be specified before -w.

This answer provides more details.

https://unix.stackexchange.com/questions/525217/create-network-interface-from-ssh-tunnel

schezel2000
  • 36
  • 2