0

I have 3 workstations

  • ortro (my client)
  • idrauser@idra (the middle)
  • cerberouser@cerbero (the destination)

On idra:

ssh -L 9999:idra:22 cerberouser@cerbero

On otro:

ssh idrauser@idra -p 9999
ssh: connect to host idra port 9999: Connection refused

I cannot modify the sshd_config in ortro. I need to setup a tunnel between idra and cerbero and then use it from ortro

Thanks a lot Riccardo

Riccardo79
  • 954
  • 4
  • 17
  • 35

1 Answers1

3

-L binds to localhost by default.

Use

ssh -L '*':9999:idra:22 cerberouser@cerbero

or

ssh -o GatewayPorts=yes -L 9999:idra:22 cerberouser@cerbero

instead.

A more secure solution would not proxy the port, but instead proxy the connection. Try adding this to your ~/.ssh/config on ortro:

Host cerbero
User cerberouser
ProxyCommand /usr/bin/ssh idrauser@idra /bin/nc -w 3700 %h %p

Then connect to cerbero from ortro by running the single command

ssh cerbero
dave4420
  • 46,404
  • 6
  • 118
  • 152