> --- On Mon, 2/2/09, Peter Künnemann
> Date: Monday, February 2, 2009, 2:56 PM
>
> Thanks for your tip but in this case I do not have any
> influence on what
> runs on the clients except for ssh, one client gonna be a
> router box
> with OpenWRT running an un-manned application that should
> be connected
> from outside world without having to open any firewall
> ports, the other
> end beeing some Windows (or whatever) application that
> needs to contact
> the router box. The only world-known is the service in
> middle!
> a keys.
> >>
> >> (Client begind NAS) ------( server )-------(Client
> behind NAS)
> >> SSH -------> <------
> SSH
> >> \_Bridge/
> >>
> \______________tunnel_____________/
> >>
>
Have you considered a 'REMOTE' port forward? For example, client1 could perform a remote port forward of client1's ssh port (tcp/22) to the "server", then client 2 could pull that port local to client2. Ie:
client1: ssh -l userOnServer -R 10022:127.0.0.1:22 ip.of.server
client2: ssh -l userOnServer -L 10022:127.0.0.1:10022 ip.of.server
client2 (in another window): ssh -l userOnClient1 -p 10022 localhost
