
Currently I have two machines. One with a public IP named login and another one in the same intranet named admin. Here is what I want:

  • When I use ssh -p 23 login, I can log in to admin via port 22 on admin.

I tried two ways:

  1. Change the PREROUTING and INPUT chains in iptables, forwarding 23 on login to 22 on admin. This didn't work.

  2. Use local forwarding on login or reverse forwarding on admin.

This way seems to work. However, I can only use ssh -p 23 localhost within the login computer, and it failed when I tried to connect to admin from another computer with ssh -p 23 login. I thought this is very close to what I want, but I can't figure out how to fix it.

The command I used:

# in admin
ssh -N -R 0.0.0.0:23:localhost:22 login

or

# in login
ssh -N -L 0.0.0.0:23:localhost:22 admin

Update

After I changed port 23 to 222 or any other port, it worked.

It could be because 23 is a port used by telnet (however, this port is not occupied by any program).

BAKE ZQ
  • Just use a ProxyCommand or a JumpHost like https://unix.stackexchange.com/a/25080/70524 or https://unix.stackexchange.com/a/398015/70524 – muru Nov 26 '19 at 09:02
  • @muru Thanks for your suggestion, can you tell me why it doesn't work? – BAKE ZQ Nov 26 '19 at 09:05
  • Probably because the forwarding should be something like ssh -L 2022:admin:22 -p 23 login where 2022 is some random port on the local system (-L <bind_port>:<target_host>:<target_port>). – muru Nov 26 '19 at 09:09
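
The jump-host approach suggested in the comments, written out as a client configuration. This is an added example, not part of the original thread; the host names login and admin come from the question, while the addresses, the account name and the assumption that login's own sshd listens on the default port 22 are placeholders.

```sshconfig
# ~/.ssh/config on the client (the "another computer" in the question).
# Added example: addresses and user names below are placeholders.

Host login
    # Placeholder for login's public address.
    HostName login.example.com
    # Hypothetical account on login.
    User alice
    # Assumption: login's own sshd listens on the default port.
    Port 22

Host admin
    # Placeholder: admin's address as seen from login.
    HostName 10.0.0.2
    # Hypothetical account on admin.
    User alice
    Port 22
    # OpenSSH 7.3 and later: reach admin through login.
    ProxyJump login
    # Older clients: comment out ProxyJump and use this instead.
    # ProxyCommand ssh -W %h:%p login
```

With this in place, ssh admin from the client reaches port 22 on admin through login, and authentication to admin still happens end to end between the client and admin. No forwarded port has to listen on login's public interface, so there is no extra listener to firewall or monitor there.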
