Thanks Robert. I used port forwarding as a solution to secure telnet. But now i am getting a problem in determining the source/client IP address from which the telnet connection has originated. It always shows source IP as as 127.0.0.1/localhost. Can anyone please suggest me , if there is any way to determine the correct source IP. Thanks and Best Regards, Pavan On Sat, Oct 18, 2008 at 1:37 AM, Robert Hajime Lanning <robert.lanning@xxxxxxxxx> wrote: > On Fri, Oct 17, 2008 at 7:51 AM, Sudarshan Soma <sudarshan12s@xxxxxxxxx> wrote: >> Thanks all for your valuable inputs. >> >> My telnet server application has its own way of handling >> authentication, commands supported,.. >> Hence i cant easily move to ssh. I know i can use SSH to use my own >> authentication using PAM, but the other things such as commands >> supported are all not easily done just by moving to ssh server. >> >> Based on my requirements , i think tunelling(either stunnel or ssh >> tuneling) is the best option to go with, if not please suggest any >> other way you could think of? >> >> With tunneling, Can i somehow avoid the client side setup of >> specifying a non-standard port which will forward requests to sshd. >> >> Can it be as easy as below: (I think its not possible, but i just want >> to confirm that ) >> >> on the server: >> - A tunneling port (7778) listens , which forward connections to my >> application running at port 4050. >> >> on the client: >> use ssh to connect to port 7778. This will make the server port 7778 >> forward the connections to my application port 4050 and back in the >> same way. >> >> Please advice. >> >> Best Regards, >> Pavan. > > This will be a complex setup on the client side, but this is how ssh > tunneling works. > > Server: > sshd listens on port 22, and has a configuration to allow the specific > port forwarding you need. > Accounts the clients will login to need to have a shell that just > sleeps. (don't allow other commands to run) > > Client: > You need to configure the port forwarding: (openssh) > ssh -N -L4050:localhost:4050 account@server-host > then on the client: > telnet localhost 4050 > > -- > And, did Galoka think the Ulus were too ugly to save? > -Centauri >