I
I
interprise2015-02-02 10:34:08
linux
interprise, 2015-02-02 10:34:08

How to connect to a gray ip via ssh?

It is required to forward a port to a machine from a machine with a gray ip to a machine with a white one.
Now I have a solution to this problem, using port forwarding. Those to the machine with a white ip are connected via ssh and forwarding is already configured there. In this solution, everything suits me, except for the fact that the server (which has a server ip) gets full access to the machine. Thus the question arises how to set up an ssh server so that it only allows port forwarding and nothing else. Windows is installed on a machine with a white ip, there was even an idea to spin a virtual machine with linux for these purposes, but I think this option is too redundant. Maybe there is some container for ssh? as I understand it, the problem cannot be solved simply by setting the access rights in windows, the user will still have excessive rights.
Now I'm doing this ssh [email protected]_IP -R 127.1:1022:127.1:22
but this scheme has the above-described drawback, in addition to the forwarding port itself, we get extra rights
. In the discussion, it turned out that I was asking the question badly. so in more detail
there is machine A gray ip.
There is a machine B white ip.
The task is very simple, connect from machine B to the ssh server of machine A.
Above, I wrote my solution, but in addition to the actual ability to connect via ssh, we get user rights and no matter how you cut the rights by the system, there will still be superfluous ones.
As an option, you can configure vpn, but for the task of connecting to one port, it seems to me too "fat" solution, and again, machine A gets access to the subnet of machine B. which is also superfluous.

Answer the question

In order to leave comments, you need to log in

1 answer(s)
I
ivankomolin, 2015-02-02
@ivankomolin

I didn't quite get it
But you correctly noticed "portforwarding". A simple description of how this can be implemented:
1. It is necessary for the ssh server (on a machine with a gray ip) to change the port it listens to another one (which is not used on a machine with a white ip, for example - 1020)
2. On a machine with a white ip (this maybe a router) set up portforwarding of all requests from port 1020 to gray ip to port
1020

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question