5

I am creating a web challenge, and due to a firewall, I need to be able to bind an SSH client source socket to a fixed port to pass its traffic through the firewall.

Is there any way to do this using maybe netcat or Ubuntu settings? Or an ssh alternative that could achieve this?

BaseZen
jonny b
  • Can you not enable the default SSH port on the firewall? If not, you can modify `/etc/ssh/sshd_config`, change `Port 22` to whatever you like, and restart the SSH service. By the way, never terminate the existing connection to the server until you can prove that the new config is valid and users can connect. – Prav Jul 08 '18 at 17:37
  • You don't mean source port, you mean destination port. Ergo, your question might read better as "How do I change the port that the SSH service listens on?". To which, Praveen P's comment is correct. – Tom O'Connor Jul 08 '18 at 18:17
  • Your question is vague. What does web challenge mean here and how is it related to SSH? The question cannot be answered without more detailed information. – Tero Kilkanen Jul 08 '18 at 21:05
  • Praveen P - No. This is the destination port, not the source port. – jonny b Jul 09 '18 at 18:06
  • Tom O'Connor, yes, I do mean source port; this is why I stated 'source port'. If I wanted to change the destination port, I would have stated 'destination port'. – jonny b Jul 09 '18 at 18:07
  • 2
    @womble, I totally don't understand why this question was put on hold. It is VERY clear what the OP asked and wanted, and I was able to perfectly answer his question. More than that, it is a very valid use case/problem. – Florin Asăvoaie Jul 09 '18 at 19:11
  • I proposed a -Z portnum option... you can find it here: https://github.com/openssh/openssh-portable/pull/130 and here: https://github.com/Zibri/openssh-portable – Zibri May 04 '19 at 15:38
  • Agreed this is a great question and great answer. I absolutely benefited from this. I MISCONFIGURED my firewall to require the SOURCE port to be 22, and using this I got in to fix it!! Not vague at all. – BaseZen Feb 06 '21 at 03:28

1 Answer

9

You have to use nc as ProxyCommand. SSH only supports specifying the bind address of the SSH client.

```
ssh -o 'ProxyCommand nc -p 2345 %h %p' $MY_SERVER
```

Something like this should work.

Florin Asăvoaie
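What `nc -p` does in the answer above, shown at the socket level as an added example (not part of the original answer): the client binds its local port before connecting, and a loopback listener standing in for the SSH server reports the source port it sees. The function names and the loopback setup are assumptions made for illustration.

```python
import socket
import threading

def connect_from_port(host, port, source_port, timeout=5.0):
    """TCP-connect to (host, port) from a fixed local port, like `nc -p`."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # Permit rebinding while an earlier connection from this port is in TIME_WAIT.
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.settimeout(timeout)
    try:
        # "" means any local address; ports below 1024 normally require root.
        sock.bind(("", source_port))
        sock.connect((host, port))
    except OSError:
        sock.close()
        raise
    return sock

def demo_fixed_source_port():
    """Return (requested, seen): the port we bound and the port the peer saw."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))  # constructed stand-in for the SSH server
    listener.listen(1)
    # Borrow an unused port number from the kernel to act as the fixed source port.
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as probe:
        probe.bind(("127.0.0.1", 0))
        requested = probe.getsockname()[1]
    seen = {}

    def accept_once():
        conn, peer = listener.accept()
        seen["port"] = peer[1]  # source port as observed on the server side
        conn.close()

    worker = threading.Thread(target=accept_once, daemon=True)
    worker.start()
    client = connect_from_port("127.0.0.1", listener.getsockname()[1], requested)
    worker.join(timeout=5.0)
    client.close()
    listener.close()
    return requested, seen["port"]

if __name__ == "__main__":
    requested, seen = demo_fixed_source_port()
    print(f"bound source port {requested}; server saw {seen}")
```

Because the client picks this value itself, a firewall rule that matches on source port says nothing about who is connecting.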