-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I don't know why I have such a hard time wrapping my mind around ssh and tunnels, but I'm lucky to be able to create a point a to point b tunnel. I use syntax such as this... ssh -f -l username -N -L 9999:destHost:22 intermediateHost This allows me to log on to my localhost, port 9999 and wind up at the destHost by way of the intermediateHost. I'm able to do my login as such... ssh -p 9999 -X -Y localhost ...and run xclock on the destHost and have the X display return to my notebook. So far so good. My need is as follows, though. Notebook=initial end of tunnel HostA=gateway server HostB=2nd server in a DMZ HostC=3rd server behind private firewall - From my notebook, I need to be able to create a tunnel that traverses Hosts A, B and C, and then successfully sends X back from HostC to my notebook. The reason for this is that HostC is an Oracle box behind a private LAN, and because of security my only access point is from HostB in the DMZ at the same location. I can only access HostB from HostA, which is located in my office and which has a hole in the DMZ firewall allowing ssh traffic. All of this in order to run a security patch on HostC to upgrade Oracle, which requires that the X generated by the java script be able to reach my notebook so I can successfully run the script. I've never figured out how to get X to run up and down the pipe on a multi-hop tunnel without jumping the tracks and trying to output its display to HostA or HostB before reaching the notebook. Can someone give me example syntax that I can tweak and try to understand? It would be very much appreciated. Thank you! Unca Xitron -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSQjMeI4JEV90z/PrAQJPxQ//Vj/7gGioCzw/AVeVJfoEbZXlG5/O3zBQ Qi/tsCs7jrV2I825DYGWb3HBGIZozRf74giFfFU7bc5hasUagZgO9/+5xtHCAkXl 4xGWnBWJgrlkdDVqhyvI5DOmLDjNDrdUsARXI5zpRVXl1i0Etf54EBW5xmq4kaUG 1GIeiIMX7slD1v5Tiz97Yu2gTGZFyzTx3qYvWwVBf4/KJDL6cJN1ZYf6Fvz0oG38 sXatMTIbdaNi+nSePAuxBZLNRBuurUB4c2V2k9jaPEWZvk1rUxlFRkjCHyE8OaSj 0h6uWEvUTMeolavVLFkZ0sL+G4LEiwa84wJhg05OEXWLkP6sDGC7FeHS+9j8IyCh 8kj3lw0ftIpeU8C94/TXkZxZZFEwdtvpRUbqfcnLvd2gQmNLhssUmUCJNUF9ktOp +P17h+leXP6ZlOevjtrcygxzxvUNhmNdPGPFqA9bVpY7G7IzIU/mCPfUvX3A+kiv Modp8+CSk70TQhBrcpSaYHNC1Rjqb6i4SOR1C9uENk+HTE6+XIH10EGj3mjw84XW LmDjkgG6IoP1ZQh/YxQA83osRUVdcLF8OprnOM7e1Q0myZSe0lzSYdhx3+acCWk2 P1ZykdYgyaiNkfEjPGvGM05fvcs4KNmoEmeLmlbttmHftafcX1dCK2//c4QxEyVn w8grrQpbjjI= =wciI -----END PGP SIGNATURE-----
