On Tue, Jan 31, 2017 at 3:55 PM, Sudarshan Soma <sudarshan12s@xxxxxxxxx> wrote: > Thanks Darren, the intention to do this : > allow users to access my own shell/CLI(including authentication) on port 22. > their firewall settings doesnt allow anything other than port 22, so I would > internally redirect to port 1023 when customuser is provided. If the clients are openssh you could use it in "stdio forwarding" mode to establish an end-to-end connection to the sshd on port 1023. You'd configure the server something like this in the main sshd's config: Match user customuser MaxSessions 0 PermitOpen localhost:1023 then in the client's config Host yourapplication ProxyCommand ssh -W localhost:1023 customuser@yourgateway which should allow "ssh admin@yourapplication" to work. -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev