Searching \ for '[OT] Web based SSH/Telnet proxy?' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: www.piclist.com/techref/index.htm?key=web+based+sshtelnet
Search entire site for: 'Web based SSH/Telnet proxy?'.

Exact match. Not showing close matches.
PICList Thread
'[OT] Web based SSH/Telnet proxy?'
2006\05\02@164457 by Josh Koffman

face picon face
I'm at a remote location for a few weeks. I have internet access just
fine and dandy, but the IT department refuses to unblock the SSH port
so I can check some of my other mail accounts. This is very
frustrating to me, and it seems like they are mostly just unaware of
what SSH is. Seems like a lot more mischief happens over port 80.

In any case, I was wondering if anyone's come across any web based SSH
(or failing that, a telnet) proxy. I found MindTerm which is a Java
SSH applet, but it still tries to run out the same port on your
computer.

Any ideas?

-j
--
A common mistake that people make when trying to design something
completely foolproof is to underestimate the ingenuity of complete
fools.
       -Douglas Adams

2006\05\02@174827 by David Segonds

flavicon
face
Josh,

Did you have a look at Hamachi? It is a very neat tool. My home
firewall blocks all incoming traffic but using Hamachi, I am still
able to connect using ssh.

The tool can be found at http://www.hamachi.cc/

http://grc.com/securitynow.htm#18 "Hamachi Rocks" presents an
independent description of Hamachi and explains in more details how it
works.

Sincerely,
David.

On 5/2/06, Josh Koffman <spam_OUTjoshybearTakeThisOuTspamgmail.com> wrote:
{Quote hidden}

> -

2006\05\02@201623 by rwuest

flavicon
face

If the remote end is a *nix box, run '/usr/sbin/sshd -p 80' on it (kill web
server first, of course).

Then connect with 'ssh -p 80 remote'

Robert

-----{Original Message removed}

2006\05\02@204612 by Josh Koffman

face picon face
On 5/2/06, rwuest <.....rwuestKILLspamspam@spam@wuest.org> wrote:
>
> If the remote end is a *nix box, run '/usr/sbin/sshd -p 80' on it (kill web
> server first, of course).
>
> Then connect with 'ssh -p 80 remote'

It is a BSD box, but sadly I don't admin it. I'll make the suggestion
though...as soon as I can email him heh.

Josh
--
A common mistake that people make when trying to design something
completely foolproof is to underestimate the ingenuity of complete
fools.
       -Douglas Adams

2006\05\02@211430 by Josh Koffman
face picon face
On 5/2/06, David Segonds <davidspamKILLspamsegonds.org> wrote:
> Did you have a look at Hamachi? It is a very neat tool. My home
> firewall blocks all incoming traffic but using Hamachi, I am still
> able to connect using ssh.
>
> The tool can be found at http://www.hamachi.cc/
>
> http://grc.com/securitynow.htm#18 "Hamachi Rocks" presents an
> independent description of Hamachi and explains in more details how it
> works.

Hm....interesting. While I'd like to avoid having to leave the
computer at home on all day, it's an interesting idea. I suppose I
could also do VNC, though I guess this will be faster as all I'll be
passing over the network will be my actual ssh session rather than the
video of my ssh session on another machine.

Do you know if this sends _all_ your IP traffice through Hamachi, or
do you select which applications to tunnel? Also, I'm curious how it
deals with dynamic IPs on the host computer. Well, off to the docs!

Josh
--
A common mistake that people make when trying to design something
completely foolproof is to underestimate the ingenuity of complete
fools.
       -Douglas Adams

2006\05\02@213401 by David Segonds

flavicon
face
Josh,

> Hm....interesting. While I'd like to avoid having to leave the
> computer at home on all day, it's an interesting idea. I suppose I
> could also do VNC, though I guess this will be faster as all I'll be
> passing over the network will be my actual ssh session rather than the
> video of my ssh session on another machine.

VNC will work too and be secure as Hamachi is encrypted everything.
You can also use remote desktop even though I have not tried.

> Do you know if this sends _all_ your IP traffice through Hamachi, or
> do you select which applications to tunnel? Also, I'm curious how it
> deals with dynamic IPs on the host computer. Well, off to the docs!

All your traffic for your target computer goes encrypted through the
Hamachi tunnel. This means that you need to trust to computer you are
using to communicate with the computer behind the firewall or run a
software firewall on the machine behind the firewall.

Hamachi is assigning a unique IP address to the machine running the
daemon in the 5.x.x.x range. I am using zoneedit.com for my external
DNS needs. It's free.

The machine behind the firewall can by dynamically assigned. it does not matter.

The podcast is really informative and I will start by listening to it.

Sincerely,
David.
--
David Segonds
PGP: 1F7A3E7A Finger: 9949 521B 1B39 CE5A E193  FC49 866A 1255 1F7A 3E7A

2006\05\02@214022 by Richard Prosser

picon face
Being totally ignorant of what ssh is, I'll throw my oar in.
Have you tried a port redirect facility like no-ip.com. You can send
on port 80 to a named service you set up (free) & it gets redirected
to you home ip address on the required port.
I may be totally wrong but it might be worth a try.

Richard P

On 03/05/06, Josh Koffman <.....joshybearKILLspamspam.....gmail.com> wrote:
{Quote hidden}

> -

2006\05\03@064036 by Philip Pemberton

face picon face
In message <3e0a4bc40605021344y4cdf56c7o1453f2892d365370spamspam_OUTmail.gmail.com>>          "Josh Koffman" <@spam@joshybearKILLspamspamgmail.com> wrote:

> I'm at a remote location for a few weeks. I have internet access just
> fine and dandy, but the IT department refuses to unblock the SSH port
> so I can check some of my other mail accounts. This is very
> frustrating to me, and it seems like they are mostly just unaware of
> what SSH is. Seems like a lot more mischief happens over port 80.

I've been using a tool called ProxyTunnel
(http://proxytunnel.sourceforge.net) to punch through firewalls. You set your
SSH server to listen on port 443, then you use PT with OpenSSH to make a
connection to the SSH server through the proxy.

PuTTY can even do this without external software.

Problem is, if you don't have a server you can configure to listen for SSH
connections on port 443, you're SOL. Unless the proxy is configured to allow
outbound connections on port 22...

--
Phil.                         | Kitsune: Acorn RiscPC SA202 64M+6G ViewFinder
KILLspamphilpemKILLspamspamdsl.pipex.com         | Cheetah: Athlon64 3200+ A8VDeluxeV2 512M+100G
http://www.philpem.me.uk/     | Tiger: Toshiba SatPro4600 Celeron700 256M+40G

2006\05\03@104658 by Philip Pemberton

face picon face
In message <RemoveME3e0a4bc40605021814u66f0cbf3h611566936e3380b2TakeThisOuTspammail.gmail.com>>          "Josh Koffman" <spamBeGonejoshybearspamBeGonespamgmail.com> wrote:

> Hm....interesting. While I'd like to avoid having to leave the
> computer at home on all day, it's an interesting idea.

Here's a solution for you:
 Linksys NSLU2: about $60 iirc
 USB hard drive, or pendrive: about $20

Flash the NSLU2 with DebianSlug, install it on the USB drive, then wire it up
to your router and set up a port forward.

I've got an NSLU2 here - it's handling ADSL routing, network file serving
(Samba, aka SMB or Windows File Sharing and NFS), email fetching and serving
(UW-IMAP, Postfix and Fetchmail), basic spam filtering (Bogofilter - which
AFAICT has a false-negative rate of about 99%), webserving (Cherokee) and
SSH.

I've found the Fujitsu FDX310 DSL modem to be horrendously unreliable - mine
will lose line sync seemingly at random. Since I swapped the FDX for a
Thomson/Alcatel Speedtouch 330 and started using the "speedtch" kernel
driver, I've had a solid ADSL connection for about a week with no line drops.

If you get an NSLU2, be warned that they don't power up automatically when
the power supply starts up. I installed a PIC12F675 in mine to pull the
/POWER_ON signal down about a second after it gets power.
It's also worth removing the clock-limiting resistor while you've got it in
bits. Linksys underclock the NSLU2 by default - if you remove the limiting
resistor you can get an NSLU2 to run at the full 266MHz, usually with no
problems.

Considering the NSLU2 is sold as a USB file server (and the fact it only
pulls about 10W of power - 5V at 2A), it's a very capable device. BTW, about
an amp of that 2A is reserved for USB devices, so a bare NSLU2 will probably
pull about an amp (so around 5W).

If anyone reading this has got a spare NSLU2 they want rid of (or one that
they've fried the firmware on), I'd be only too happy to give it a home :)

--
Phil.                         | Kitsune: Acorn RiscPC SA202 64M+6G ViewFinder
TakeThisOuTphilpemEraseMEspamspam_OUTdsl.pipex.com         | Cheetah: Athlon64 3200+ A8VDeluxeV2 512M+100G
http://www.philpem.me.uk/     | Tiger: Toshiba SatPro4600 Celeron700 256M+40G

2006\05\03@155913 by Howard Winter

face
flavicon
picon face
Phil,

On Wed, 03 May 2006 15:45:45 +0100, Philip Pemberton wrote:
>...
> If anyone reading this has got a spare NSLU2 they want rid of (or one that
> they've fried the firmware on), I'd be only too happy to give it a home :)

Well I have (still shrinkwrapped), but I don't want to get rid of it - I got it so I can use it!  :-)  It was
on special offer at Staples, about forty quid, I think.  Worth checking whether they still have them.

Any advice you have on which of the alternative softwares to load it with would be gratefully received.  (I
know next to nothing about Linux, by the way).

Cheers,



Howard Winter
St.Albans, England


More... (looser matching)
- Last day of these posts
- In 2006 , 2007 only
- Today
- New search...