Passive ssh/telnet server?

Question

I want to set up a Ubuntu openssh (or telnet) server where the network environment is

can connect to any other host via any tcp/udp port.
but cannot accept incoming connections from other clients.
no UPnP in NAT

Is there any solutions to control this server from outer network?

for example,

the server A connects to a outer server B.
user connects to the server B.
server B redirects any packets from user to server A.

Setup port forwarding on the NAT device. – Chris S Jun 01 '11 at 14:31 — Chris S, Jun 01 '11 at 14:31
It seems that the NAT depth is 2 or more, so I can't. – shkim Jun 01 '11 at 14:42 — shkim, Jun 01 '11 at 14:42
Setup port forwarding on both (or more) NATs. – Chris S Jun 01 '11 at 14:49 — Chris S, Jun 01 '11 at 14:49
I have no access control on NATs. – shkim Jun 01 '11 at 15:19 — shkim, Jun 01 '11 at 15:19

score 1 · Accepted Answer · answered Jun 01 '11 at 14:55

Either:

Set up port forwarding through the NAT (on as many NAT boxen as you have)

or

SSH out from the machine to another box and use -R (Remote port forwarding) to pass the connection through.
See man ssh for additional information.

The first is more correct. The second can be implemented without access to the NAT rulesets, and is probably a bit more secure than setting up port forwarding without additional IP access control lists...

Note that if you're doing this to circumvent security policies in place at whatever organization you work with you will probably be beaten severely by the local sysadmin when they discover the SSH traffic.

Thanks, I'll read about 'ssh out'. It's publicly open environment, not a company, and there's no security admin. — shkim, Jun 01 '11 at 15:13

Passive ssh/telnet server?

1 Answers1