New meeting time proposal - Tuesday 15:00 UTC
Dan Shearer
dan at shearer.org
Wed Jun 4 08:50:44 UTC 2008
On Wed, Jun 04, 2008 at 09:58:37AM +0200, Roberto Salgado wrote:
>
> El mar, 03-06-2008 a las 12:08 -0500, Dustin Kirkland escribió:
>
> > ssh -f -N -p 443 -L 7778:localhost:7778 myinternethost.example.org
>
> Remember you don't really need a proxy, just a tunnel.
> Something like: "ssh -L 6667:irc.ubuntu.com:8001 user at yourmachine"
> and then "/server localhost" in your IRC client.
I agree the use of the word 'proxy' in the following is confusing:
ssh -o 'ProxyCommand=connect-proxy -H corporatefirewall:80 %h 443' \
myinternethost.example.org
because it is actually a tunnel. Which you then stack. Where the only
way out of a network is via a web proxy, you need to first build a
tunnel through the web proxy (ssh over https) and then an application
tunnel (irc over ssh).
> At least you don't need a new "service" running in your computer if
> you don't want to "dettach" your session.
This was all about people who have all ports blocked except web, and
then yes, the external machine does need a new service (a copy of ssh.)
There is also a way of defeating this if you run squid, but that's
another topic.
--
Dan Shearer
dan at shearer.org
More information about the ubuntu-server
mailing list