|
Home > Archive > Unix Shell > February 2005 > SSH/SFTP Connection Forwarding
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
SSH/SFTP Connection Forwarding
|
|
| intercom5 2005-02-20, 6:19 pm |
| I was wondering if anyone knew how to setup sftp connection forwarding.
What I mean by this is that a user tries to connect via sftp to a
remote server, say login.domain.com. I want this server (the login
server) to then redirect the client to another server based on which
client it is.
For example, user1's files are on server1.domain.com and user2's files
are on server2.domain.com. But if either of them connects to
login.domain.com, they will be forwared to their correct server
(server1 for user1 and server2 for user2).
I know something like this is possible, because my university did it -
I just have no idea where to start.
Any help would be greatly appreciated.
--Sachin
| |
| Martijn Lievaart 2005-02-20, 6:19 pm |
| On Sat, 19 Feb 2005 11:00:07 -0800, intercom5 wrote:
> I was wondering if anyone knew how to setup sftp connection forwarding.
> What I mean by this is that a user tries to connect via sftp to a
> remote server, say login.domain.com. I want this server (the login
> server) to then redirect the client to another server based on which
> client it is.
>
> For example, user1's files are on server1.domain.com and user2's files
> are on server2.domain.com. But if either of them connects to
> login.domain.com, they will be forwared to their correct server
> (server1 for user1 and server2 for user2).
>
> I know something like this is possible, because my university did it -
> I just have no idea where to start.
Easy if you control the firewall (or install one on that machine). Just
redirect the connection to the appropriate machine based on the source
address. Any decent firewall should be able to do that.
M4
--
Ah, the beauty of OSS. Hundreds of volunteers worldwide volunteering
their time inventing and implementing new, exciting ways for software
to suck. -- Toni Lassila in the Monastry
| |
| Icarus Sparry 2005-02-20, 6:19 pm |
| On Sat, 19 Feb 2005 11:00:07 -0800, intercom5 wrote:
> I was wondering if anyone knew how to setup sftp connection forwarding.
> What I mean by this is that a user tries to connect via sftp to a
> remote server, say login.domain.com. I want this server (the login
> server) to then redirect the client to another server based on which
> client it is.
>
> For example, user1's files are on server1.domain.com and user2's files
> are on server2.domain.com. But if either of them connects to
> login.domain.com, they will be forwared to their correct server
> (server1 for user1 and server2 for user2).
>
> I know something like this is possible, because my university did it -
> I just have no idea where to start.
The obvious first question is why don't server1 and server2 export their
files to login.domain.com? This, together with a suitable password file on
login.domain.com will make it all work without having to hack anything.
If you don't want to do this, then you have to write some code. When you
fire up 'sftp' it starts up a 'ssh user@hostname sftp-server'. You would
somehow have to make firstly the 'login' machine accept the ssh connection,
then make a program (maybe just a shell script) called 'sftp-server' that
decided which machine to connect to, and then made the connection. It would
need to invoke the original sftp-server on the remote end, and copy stuff
between standard input and the remote machine.
Programs like 'nc' 'netcat', 'netpipe' or 'mconnect' may help.
This is a lot more work than just exporting the files from the servers
in the first place.
| |
| shellwave 2005-02-23, 2:51 am |
| I have a sample of ssh forwarding. You login to the first server, and
then forward the connection to the 2nd server without connecting
directly to the latter. Hope the example helps.
http://www.shellwave.com/main/suppo...nnel/index.html
intercom5 wrote:
> I was wondering if anyone knew how to setup sftp connection
forwarding.
> What I mean by this is that a user tries to connect via sftp to a
> remote server, say login.domain.com. I want this server (the login
> server) to then redirect the client to another server based on which
> client it is.
>
> For example, user1's files are on server1.domain.com and user2's
files
> are on server2.domain.com. But if either of them connects to
> login.domain.com, they will be forwared to their correct server
> (server1 for user1 and server2 for user2).
>
> I know something like this is possible, because my university did it
-
> I just have no idea where to start.
>
> Any help would be greatly appreciated.
> --Sachin
|
|
|
|
|