Friday, January 28, 2011

Digging Tunnels (part 2)

WARNING: following the instructions below can get you in trouble.

REMINDER: most system administrators can and do google.

As promised, this time I'll show how to tunnel from your workstation at work, to your PC at home, through a protocol aware firewall - only that this time with the client workstation running Windows.

Server setup is the same as in the previous post. If your home machine runs Windows, then you may want to research setting up Cygwin with an SSH daemon and stunnel directing traffic to it. I haven't done it myself, so you're on your own here.

Client side, at work, is easy, if you already have Cygwin installed there:
  1. install stunnel using Cygwin's setup.exe
  2. add the following stanza in ~/.ssh/config (where sshd.example.com stands for the address of your home PC):
    Host sshd.example.com
      Port 443
      ProxyCommand stunnel3 -c -f -r %h:%p   
    
If you don't have Cygwin, then do this:
  1. download and install stunnel for Windows
  2. open stunnel.conf for editing by selecting 'Edit stunnel.conf' from the newly created stunnel sub-menu in the Windows Start menu
  3. replace its contents with the following:
    client = yes
    debug = 7
    [putty]
    accept = localhost:60022
    connect = sshd.exmaple.com:443 
    
    (replace the stuff in red with your own stuff)
  4. start stunnel by selecting 'Run stunnel' from the same stunnel sub-menu as before
  5. use PuTTY to connect to your home PC, by pointing it to localhost:60022
  6. if you hit any problem, then you may be able to troubleshoot it by going over the stunnel log messages, which can be accessed from the stunnel tray icon context menu

No comments:

Post a Comment