ssh to unix machine behind firwwall

Can someone here explain how I could ssh to my unix machine at work
from home ?
We have a socks5 proxy server here, so that gets through the firewall.
But there is no way to telnet or ssh into work. I want to be able to
run commands/ telnet session from home to my work machine ? i have
installed cygwin sshd onto my windows machine at home, and ssh on my
Unix machine..

Simon

On 2005-01-16, (E-Mail Removed) <(E-Mail Removed)> wrote:
> Can someone here explain how I could ssh to my unix machine at work
> from home ?

Ask the SysAdmin to punch an hole in the firewall for your home
machine or to setup a VPN.
Davide

--
kill -9 them all, let reboot -rf now sort them out
--Peter Gutmann

> Can someone here explain how I could ssh to my unix machine at work
> from home ?
Somebody (you@home or sysadmin@work) is going to have to allow ssh
connections through their firewall. If you are running Windows at home,
my vote goes to your sysadmin. You could ask if the machine running the
Socks5 proxy could also run sshd; from there you could connect to your
own machine. Unless you work for a small company, this is liable to be
more accepable than allowing SSH access to your personal machine.

It might be possible to do something with the socks5 proxy instead. I
don't know enough about it to have an informed opinion.

(E-Mail Removed) wrote:

> Can someone here explain how I could ssh to my unix machine at work
> from home ?
> We have a socks5 proxy server here, so that gets through the firewall.
> But there is no way to telnet or ssh into work. I want to be able to
> run commands/ telnet session from home to my work machine ? i have
> installed cygwin sshd onto my windows machine at home, and ssh on my
> Unix machine..

If your work firewall blocks your attemps, there's nothing you can do. Talk
to your lan admin, to see if he can open the necessary port, to allow ssh.

Allen McIntosh wrote:
> > Can someone here explain how I could ssh to my unix machine at work
> > from home ?
> Somebody (you@home or sysadmin@work) is going to have to allow ssh
> connections through their firewall. If you are running Windows at
home,
> my vote goes to your sysadmin. You could ask if the machine running
the
> Socks5 proxy could also run sshd; from there you could connect to
your
> own machine. Unless you work for a small company, this is liable to
be
> more accepable than allowing SSH access to your personal machine.
>
> It might be possible to do something with the socks5 proxy instead.
I
> don't know enough about it to have an informed opinion.

I can ssh from work to home no problem. I wandered how I could make it
so that my unix machine at work kept an open connection to home which
let me get command line access to work from home, if you see what I
mean. I can get a connection so logically it should be possible to use
it the other way around, but I wander what is the normal way to do this
? i was thinking that I should be able to fire up a shell at work and
simply redirect the standard IO to the ssh ? Sounds possible to me ..
Simon

(E-Mail Removed) wrote:
> Allen McIntosh wrote:
>
>>>Can someone here explain how I could ssh to my unix machine at work
>>>from home ?
>>
>>Somebody (you@home or sysadmin@work) is going to have to allow ssh
>>connections through their firewall. If you are running Windows at
>
> home,
>
>>my vote goes to your sysadmin. You could ask if the machine running
>
> the
>
>>Socks5 proxy could also run sshd; from there you could connect to
>
> your
>
>>own machine. Unless you work for a small company, this is liable to
>
> be
>
>>more accepable than allowing SSH access to your personal machine.
>>
>>It might be possible to do something with the socks5 proxy instead.
>
> I
>
>>don't know enough about it to have an informed opinion.
>
>
> I can ssh from work to home no problem. I wandered how I could make it
> so that my unix machine at work kept an open connection to home which
> let me get command line access to work from home, if you see what I
> mean.
You want to open a client ssh connection at work to your ssh server at
home and then want to work with the same connection from home, is that
right?
That is not possible. It would be disastrous if it would work, or do you
want any ssh server you are connected to fool around on your client system?

> I can get a connection so logically it should be possible to use
> it the other way around,
Yes it is. Open a connection from home to the ssh server at work, but
this would imply a firewall forwarding to the desired server. I guess
lycos doesn't want to have that ;-).

> but I wander what is the normal way to do this
> ?
A VPN or RAS access could be a normal way.

> i was thinking that I should be able to fire up a shell at work and
> simply redirect the standard IO to the ssh ? Sounds possible to me ..
hmm... not to me.

> Simon
>

greetz

(E-Mail Removed) wrote:

> I can ssh from work to home no problem. I wandered how I could make it
> so that my unix machine at work kept an open connection to home which
> let me get command line access**to*work*from*home,*if*you*see*what*I
> mean. I can get a connection so logically it should be possible to**use
> it the other way around, but I wander what is the normal way to do this
> ? i was thinking that I should be able to fire up a shell at work and
> simply redirect the standard IO to the ssh ? Sounds possible to me ..

It's possible *ONLY* if the work firewall permits incoming ssh connections.
It's generally far easier to get out from such a network, than into it.

(E-Mail Removed) writes:

> Allen McIntosh wrote:
>
> I can ssh from work to home no problem. I wandered how I could make it
> so that my unix machine at work kept an open connection to home which
> let me get command line access to work from home, if you see what I
> mean. I can get a connection so logically it should be possible to use
> it the other way around, but I wander what is the normal way to do this
> ? i was thinking that I should be able to fire up a shell at work and
> simply redirect the standard IO to the ssh ? Sounds possible to me ..
> Simon

Using ssh tunneling seems the good way to do it.

you will need a shell server on your unix machine at work (if there
is a ssh server, it's ok, else, you will need something that open a shell
when you connect by tcp to it)

let's say your shell server is listening on port 2222, your unix machine
at work is called work, your home machine is called machine.

on work, do this:

ssh homeuser@home -R12345:localhost:2222 # it will open a tunnel between
port 12345 on home and port 2222 on work. You may be interested by -f,
see man ssh

then, on home, do this:

ssh -p 12345 workuser@localhost

and that's ok

--
Thomas Samson

> Using ssh tunneling seems the good way to do it.
>
> you will need a shell server on your unix machine at work (if there
> is a ssh server, it's ok, else, you will need something that open a
shell
> when you connect by tcp to it)
>
> let's say your shell server is listening on port 2222, your unix
machine
> at work is called work, your home machine is called machine.
>
> on work, do this:
>
> ssh homeuser@home -R12345:localhost:2222 # it will open a tunnel
between
> port 12345 on home and port 2222 on work. You may be interested by
-f,
> see man ssh
>
> then, on home, do this:
>
> ssh -p 12345 workuser@localhost
>
> and that's ok
>
> --
> Thomas Samson

ahh now that might just work.. why didn't I think of that
I open the connection from work end -R means remote port ? I've read
the command line options parts of the man page about 10 times but I
still didn't entirly under stand the exact difference between the -L
and -R flags!!
hmm I guess I could turn off encryption on one of the connections too
if that's possible. My company actually provides vpn access, but it
would be nice just to have a simple ssh connection, maybe I ought to
check it's not against security policy or something. Having said that
i'm pretty sure they dont mind outgoing ssh connections.

Cheers

got it working now, thanks !