Puttygen import pem

Puttygen import pem

Spread the love

Ssh tunnel

Posted on 04/04/2012 by Oleksii Bohomaz

Boleems a long time I did not catch a cold. I will use the opportunity and write how you can access any resource behind a NAT (firewall), even if the ports are not forwarding Until recently, I did not believe in this kind of magic as it turned out everything in our world is possible, just needed to approach the problem from the other side

but as everywhere there are disadvantages we need one white IP (client The idea is that we build a tunnel on a computer that is behind NAT (firewall), that it connects to a client with a white IP, and that one connecting to us we are interested in actually asking

1. Build a tunnel to the client with a white ip

ssh -f -N -R 2222: localhost: 22 username client_real_IP

Naturally username must exist in the system

2. On the client with white IP, enter

But that’s not all, Tunel from the world into the network:

We enter on your computer:

ssh -f -N -L 4080: 80 nameuser@

Similarly, we enter on our host:

w3m -dump http: localhost: 4080

and we get access to the web-resource of the node, which is located behind the host (natit our gray mesh 192.168.0 24).

Do not forget that timeout tunnels are disabled or autossh or keepalive to help

And now the most fun

it took to connect two computers because of the NATs of VNC VNC-client host: ssh -L 4896: localhost: 4897 user server

VNC-server host: ssh -R 4897: localhost: 4899 user server

In our case there is a computer with white ip (server)

VNC server set up to listen on localhost: 4899,

VNC client connect to localhost: 4896.

Such things can be done with the help of Windows:

putty ssh client

plink CLI Putty

MyEnTunnel to maintain an active tunnel http://nemesis2.qx.net/pages/MyEnTunnel


man ssh


Change the standard shell on samopisny 1. In the etc shells file, add the line with the full path to our non-standard shell (for example, I will use usr bin passwd).

2. Save

3. Create a new user using the adduser command

4. During creation, when they ask which shell we want, feel free to choose passwd (yes, we will have such a fad Of course, you can also change the silk of the current one; no one prohibits it, in my case a new user was created.