假设网络是这样的:
A(192.68.0.1)------------------B(192.68.0.2)------------------ C(192.68.0.3)
A 是我的 ssh 服务器,C 是目标 ssh 服务器,我可以从 A telnet 到 B(我的帐户不是 root)。
B是一个不允许别人ssh登录的服务器,但是B可以通过ssh登录到C。
是否可以通过 ssh 从 A 到 B 连接 C?
问问题
4739 次
2 回答
0
如果可以在 B 上运行程序,则可以使用simpleproxy之类的东西将 TCP 连接转发到 C。
然后,您从 A SSH 到 B 上的某个端口(不是 22),这会将您的连接转发到 C。由于 SSH 会话是 A<->C,因此所有内容仍将被加密。
于 2012-02-18T11:52:18.883 回答
0
ok telnet to b you can actually ssh to yourself on b, but the following command may not work but try it first
ssh -L0.0.0.0:2200:192.68.0.3:22 127.0.0.1 ...
if sshd is not running on b... then ssh to c
ssh -L0.0.0.0:2200:192.68.0.3:22 192.68.0.3
do a
netstat -an | grep 2200 -- Do this on b (192.68.0.2)
if the netstat has 127.0.0.1 listening on 2200 and not 0.0.0.0 this trick wont work... but if it does... you can then connect to ssh on port 2200 to b and it will hit c
ssh 192.68.0.2:2200
i have you ssh to localhost on b because i cant remember the command to not spawn a shell and im too lazy to look it up... but if the solution above does not work you wont be able to redirect ports with ssh without root, you would have to change the config file on b
you would have to add
GatewayPorts yes to the sshd config file in /etc/sshd/conf/sshd_config
http://docstore.mik.ua/orelly/networking_2ndEd/ssh/ch09_02.htm -- this talks all about port forwarding with ssh
于 2012-02-18T12:21:25.510 回答