[Solved] SFTP through SSH tunnel, or any alternatives?
I'm at school behind an HTTP proxy and I can SSH into a Linux server here at school and access my Linode from there. I can also tunnel through that server to do (almost) anything I want, except SSH directly from my machine or use SFTP. Tunnelling is legal here at school, so I'm not trying to do anything illegal here.
But I was wondering how I could easily access my files from my machine in a secure way? And would running a VPN solve anything? Never used anything like it.
Also I've been trying to use tsocks, which isn't really working. I've also read stuff about SSH relaying but I haven't been able to set it up.
Any ideas? Thanks
4 Replies
So, connect to the local machine (port 22), and have it listen on port 1234 and forward that to port 22 on the remote box. Then SFTP to the local machine on port 1234.
I'm trying to go like:
Laptop -> ServerAtSchool -> MyLinode
SSH from Laptop to ServerAtSchool works, also tunnelling. SSH to MyLinode doesn't work (and no SFTP of course). And when I enable my SOCKS proxy system wide, neither SSH nor my SFTP program will connect to MyLinode.
I've tried to play around with the -L and -R switches, but I don't understand where to run em from and stuff. Also the ServerAtSchool is running "SSH Secure Shell 3.2.9.1", 'ssh -D' doesn't seem to work on it, so I can't run a tunnel from ServerAtSchool to MyLinode x.x;
I think I've tried what you meant, but not sure. If not, would you mind giving the commands for an example?
Thanks!
ssh ServerAtSchool -L 2222:linode:22
(replace ServerAtSchool and linode with appropriate hostnames/IPs)
This sets up a local (i.e. your laptop) port forward to your linode, tunneled via ServerAtSchool. Once logged into ServerAtSchool you should be able to SFTP to localhost:2222 from your laptop, but actually end up at your linode.
To use a different port with command line SFTP, you'll need to:
sftp -oPort=2222 localhost
2222 can be swapped for any high numbered port (>1024) that doesn't have a service running on it on your laptop.
You'll need to keep the ssh to ServerAtSchool session open, which probably isn't a problem, but look at the -N and -f options in the ssh manpage if you don't like this.
If you use this with more than one host, you'll hit problems with ssh thinking localhost has changed keys - just delete the relevant lines from your ~/.ssh/known_hosts file before connecting.
Hope that helps..
Keeping it open isn't a problem indeed, I'm just screening it lol.
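The setup from the replies above as a laptop-side script, added here as an example and not part of any poster's message. Instead of deleting known_hosts lines, it uses OpenSSH's HostKeyAlias so the key seen through localhost:2222 stays pinned under the Linode's own name; the alias linode-tunnel, the function names and the ExitOnForwardFailure option are assumptions not in the thread.

```shell
#!/bin/sh
# Added example for Laptop -> ServerAtSchool -> linode (hostnames are the
# thread's placeholders; replace them with your own).

# Open the forward in the background (-f -N, as mentioned in the thread).
#   $1 local port   $2 final destination   $3 jump host
# Binding to "localhost" keeps the forwarded port off the school network.
# ExitOnForwardFailure (assumption, not in the thread) makes ssh fail
# loudly if the local port is already taken instead of silently not forwarding.
open_tunnel() {
    ssh -f -N -o ExitOnForwardFailure=yes \
        -L "localhost:$1:$2:22" "$3"
}

# Print an ssh_config stanza for one tunnelled host.
#   $1 alias typed on the command line (assumed name, e.g. linode-tunnel)
#   $2 local forwarded port (must be > 1024, per the thread)
#   $3 name the host key is filed under in known_hosts (e.g. linode)
# HostKeyAlias stores and checks the key under $3 instead of
# "[localhost]:port", so several tunnelled hosts never collide and a
# changed key still triggers a warning.
tunnel_stanza() {
    case "$2" in
        ''|*[!0-9]*) echo "port must be numeric: $2" >&2; return 1 ;;
    esac
    if [ "$2" -le 1024 ] || [ "$2" -gt 65535 ]; then
        echo "pick a port in 1025-65535: $2" >&2
        return 1
    fi
    printf 'Host %s\n    HostName localhost\n    Port %s\n    HostKeyAlias %s\n' \
        "$1" "$2" "$3"
}

# Typical use, run by hand on the laptop:
#   open_tunnel 2222 linode ServerAtSchool
#   tunnel_stanza linode-tunnel 2222 linode >> ~/.ssh/config
#   sftp linode-tunnel
```

Verify the fingerprint shown on the first connection through the tunnel against the one on the Linode itself before accepting it.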