Date: Thu, 5 Feb 2004 14:59:03 -0500 (EST)
From: Tuc at the Beach House <tuc@tucs-beachin-obx-house.com>
To: will@unfoldings.net (Willie Viljoen)
Cc: tuc@ttsg.com
Subject: Re: Whats the best solution?
Message-ID: <200402051959.i15Jx3ME013956@vjofn.tucs-beachin-obx-house.com>
In-Reply-To: <004a01c3ea1f$1a34cea0$0a00a8c0@arista> from "Willie Viljoen" at Feb 03, 2004 08:29:39 AM

> SSH :-)

Um, yea?

> Have a look at the ssh(1) manpage.

Ok, I have.

> The port forwarding should be able to do
> what you are looking for.

But I want EVERY port forwarded. The -L/-R seems to be on a per port basis.

> Also, to get the authentication to be automatic,
> set up your SSH to use public keys, and use a passphraseless public key on
> your laptop. This will let it automatically log in and set up the tunnel.
> You can then tunnel any TCP traffic through a secure channel to your server.
> This is all described in the man page.

But on a per port basis, right? The -D, isn't that for SOCKS4? Wouldn't I have to make everything SOCKS4 aware? I don't want that...

> For DNS, use the IP address of the server you plan to use for the other end
> of the tunnel. As long as you open only UDP port 53 and configure it
> sensibly, there should be no security risk to running a DNS that accepts
> from any IP, all proper DNS servers need to do this anyway. This way, you
> can run your own DNS, and possibly even put in some private DNS tricks to
> make working with the tunnel easier.

What about all the other ports? Is there something that is more "overall" and I can "default route" through?

Thanks,
Tuc/TTSG Internet Services, Inc.