Darren Tucker
2002-May-07 11:09 UTC
tunnel connection like a service with cygwin orotherproducts?
Stephan Hendl wrote:>Darren Tucker wrote: >> The first part should be easy: use cygwin openssh client using some kind >> of passwordless authentication (eg RSA). >> >> To make it run entirely in the background, run it from cygrunsrv (part >> of Cygwin) or SRVANY (NT resource kit). Neither of these work on W95, >> only NT or W2K. > > How does the cygrunsrv work? Unfortunately I cannot find this utility in the cygwin distribution...Download the setup.exe from sources.redhat.com/cygwin. You can find cygrunsrv under "Admin" Category. I just set up a basic forwarder. The steps I took were (on the client): # ssh-keygen -t rsa -f /.ssh/id_rsa Generating public/private rsa key pair. [set a null password] # scp /.ssh/id_rsa.pub dtucker at 192.168.1.1:.ssh/authorized_keys Password: # ssh 192.168.1.1 echo passwordless auth works passwordless auth works # cygrunsrv -I SSHFWD -p /usr/bin/ssh -a "-L 3128:192.168.1.1:3128 -v -N -l dtucker 192.168.1.1" # net start SSHFWD # netstat -an | grep 3128 TCP 127.0.0.1:3128 0.0.0.0:0 LISTENING # telnet 127.0.0.1 3128 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. HEAD http://www.openssh.com/ HTTP/1.0 HTTP/1.0 200 OK [snip] Connection closed by foreign host. # tail -1 /var/log/SSHFWD.log debug1: channel_free: channel 1: direct-tcpip: listening port 3128 for 192.168.1.1 port 3128, connect from 127.0.0.1 port 1891, nchannels 2 For production use, you'd probably want to set up a dedicated account (possibly with a shell of /bin/false), make the authetication stronger (eg by specifying "from=" on the authorized_keys entry) and write a wrapper script for the client side to restart on connection failure. -Daz.