On Tue, Jan 31, 2017 at 3:55 PM, Sudarshan Soma <sudarshan12s@xxxxxxxxx> wrote:
> Thanks Darren, the intention to do this :
> allow users to access my own shell/CLI(including authentication) on port 22.
> their firewall settings doesnt allow anything other than port 22, so I would
> internally redirect to port 1023 when customuser is provided.
If the clients are openssh you could use it in "stdio forwarding" mode
to establish an end-to-end connection to the sshd on port 1023.
You'd configure the server something like this in the main sshd's config:
Match user customuser
MaxSessions 0
PermitOpen localhost:1023
then in the client's config
Host yourapplication
ProxyCommand ssh -W localhost:1023 customuser@yourgateway
which should allow "ssh admin@yourapplication" to work.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
