I am connecting to a VPN whose gateway is sufficiently misconfigured that basically the only useful thing I can do with it is to ssh to a specific Linux host set up for my usage inside the VPN, and then use that host as a terminal. (Neither scp nor ssh port forwarding nor ssh proxying with -D work properly.)
I want to use this connection to jury-rig a port forwarding between a different host inside the VPN and my laptop.
I've been able to set this up with socat:
$ socat TCP4-LISTEN:54321,bind=localhost,fork SYSTEM:"ssh user@linuxhost nc otherhost 54321"
This creates a listener on my local port 54321 and forwards new connections to the remote host by way of ssh and nc. It ain't pretty, but it works.
The issue is that this requires a new SSH connection negotiation for every new connection to the remote host, which slows things down for several seconds.
I am trying to figure out if there is a way to multiplex multiple listeners over a single ssh connection. (For what it's worth, I could run socat instead of nc on the remote side, if needed.)
UPDATE: I've discovered sshuttle, which is a pretty slick solution to this problem:
$ sshuttle -r user@linuxhost OTHERHOST_IP
...
$ nc OTHERHOST_IP PORT # works via transparent proxy
I'm a bit leery of sshuttle though, because it's almost too clever for its own good: it tries to do its proxying transparently, and allows access to any port of the subnets chosen inside the VPN.
What would be perfect is something similar to sshuttle that presents something more like an ssh port-forwarding interface:
$ sshuttle -r user@linuxhost -L LOCALPORT:OTHERHOST:PORT
...
$ nc localhost LOCALPORT
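
An added example, not part of the original question: one way to keep the single-port, loopback-only socat listener while paying the SSH negotiation cost once is OpenSSH connection sharing, where a background master holds the connection and each forwarded connection opens a new session over its control socket. The host names and port are the ones in the question; the socket location is an assumption, and the approach assumes the server allows several sessions per connection (sshd's MaxSessions).

```shell
#!/bin/sh
# Added example, not from the original post. Host names and port are taken
# from the post; the control-socket location below is an assumption.
JUMP="user@linuxhost"
TARGET="otherhost"
PORT=54321
CTL_DIR="${HOME:-/tmp}/.ssh/mux"     # assumed location; kept private (0700)
CTL="$CTL_DIR/linuxhost.sock"        # control socket shared by all sessions

# Command socat runs for each accepted connection. With -S pointing at a
# live master, ssh opens a new session on the existing connection instead
# of negotiating a fresh one.
relay_cmd() {
    printf 'ssh -S %s %s nc %s %s' "$CTL" "$JUMP" "$TARGET" "$PORT"
}

# The two socat addresses: a listener bound to loopback only (one port,
# not reachable from the network) and the relay command.
listen_addr() { printf 'TCP4-LISTEN:%s,bind=localhost,fork' "$PORT"; }
relay_addr()  { printf 'SYSTEM:%s' "$(relay_cmd)"; }

start() {
    # Anyone who can open the control socket can start sessions as you,
    # so keep it in a directory only you can read.
    mkdir -p "$CTL_DIR" && chmod 700 "$CTL_DIR"
    # -M: act as master, -N: no remote command, -f: background after auth.
    ssh -M -N -f -S "$CTL" "$JUMP" || return 1
    # Confirm the master is alive before accepting connections.
    ssh -S "$CTL" -O check "$JUMP" || return 1
    exec socat "$(listen_addr)" "$(relay_addr)"
}

# Ask the master to close the shared connection and remove its socket.
stop() { ssh -S "$CTL" -O exit "$JUMP"; }

case "${1:-}" in
    start) start ;;
    stop)  stop ;;
esac
```

Run it with `start` to bring up the master and the listener, and with `stop` to tear the shared connection down; the socket path must not contain spaces, colons or commas, since it is embedded in a socat address.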