I was cleaning out some email yesterday, re-read this, and it rang a
bell with something I had just read on Slashdot ...
Cryptographically hiding your SSH ports.
http://it.slashdot.org/article.pl?sid=08/01/08/1417214&from=rss
Don't know if it will help anybody here. I know its over my head, but ...
It apparently goes along with that port knocking stuff. Also over my head.
Jim G
Leif Sawyer wrote:
> Damien Hull writeses...
>
>> I'm at the coffee shop trying to access my data back at the=20
>> home office. I have access to my DMZ. Most of the time
>> that's all I need access to.=20
>> Today is a little different. I'm missing a few files on my=20
>> test server. I need to access my data storage server in the
>> internal network.
>> =20
>> I could do one of the following.
>> =20
>> * Allow ssh into the privet network
>> o green interface on IPCop
>> * Setup a VPN
>> o Doesn't give me ssh access
>> o I would only be able to grab data on the shared directory
>> =20
>>
>
> You don't say what OS is running on your data storage server, or test
> server, or the like.
>
> But you could, you know, easily tunnel ssh inside of ssh.
> which means also, sftp in ssh.
>
> ssh -x -f -L ${PORT}:${DEST}:22 ${USER}@${BASTION} "sleep 10" && \
> sftp -oPort=3D${PORT} ${USER}@localhost
>
> yah?
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Wed Jan 9 17:19:56 2008
This archive was generated by hypermail 2.1.8 : Wed Jan 09 2008 - 17:19:56 AKST