MESSAGE
DATE | 2001-11-06 |
FROM | Billy
|
SUBJECT | Re: [hangout] openssh upgrades
|
From owner-hangout-desteny-at-mrbrklyn.com Tue Nov 6 00:43:09 2001 Received: (from mdom-at-localhost) by www2.mrbrklyn.com (8.11.2/8.11.2/SuSE Linux 8.11.1-0.5) id fA65h8B20450 for hangout-desteny; Tue, 6 Nov 2001 00:43:08 -0500 Received: from mail.dadadada.net (MAIL.DADADADA.NET [209.48.2.106]) by www2.mrbrklyn.com (8.11.2/8.11.2/SuSE Linux 8.11.1-0.5) with ESMTP id fA65h8m20444; Tue, 6 Nov 2001 00:43:08 -0500 Received: from localhost ([127.0.0.1] ident=root) by mail.dadadada.net with esmtp (Exim 3.12 #1 (Debian)) id 160yxV-0005tp-00; Tue, 06 Nov 2001 00:39:41 -0500 Received: from billy by localhost with local (Exim 3.12 #1 (Debian)) id 160z1K-0004XT-00; Tue, 06 Nov 2001 00:43:34 -0500 Date: Tue, 6 Nov 2001 00:43:33 -0500 From: Billy To: Ruben Safir Cc: hangout-at-nylxs.com Subject: Re: [hangout] openssh upgrades Message-ID: <20011106004333.E17213-at-dadadada.net> References: <20011101204054.A7774-at-www2.mrbrklyn.com> <20011105234139.Q13617-at-dadadada.net> <20011105235958.M19167-at-www2.mrbrklyn.com> <20011106002825.B17213-at-dadadada.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011106002825.B17213-at-dadadada.net>; from billy-at-dadadada.net on Tue, Nov 06, 2001 at 12:28:25AM -0500 Sender: owner-hangout-at-mrbrklyn.com Precedence: bulk Reply-To: Billy List: New Yorkers Linux Scene Admin: To unsubscribe send unsubscribename-at-domian.com to hangout-request-at-www2.mrbrklyn.com X-Keywords: X-UID: 20403 Status: RO X-Status: A Content-Length: 2206 Lines: 65
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Mon, Nov 05, 2001 at 11:59:58PM -0500, Ruben Safir wrote: > Cool > > What do you use it for? Does that encrypt your whole X -Session?
But all showing off aside, I use it to get and send mail securely. I've got dadadada.net on a rack somewhere, and my laptop stays with me. As long as I have at least one ssh open to mail.dadadada.net, I can securely smtp and pop to and from that host. Here's how:
billy-at-purple:billy$ cat .ssh/config Host * ForwardAgent yes Host mail.dadadada.net LocalForward 1111 127.0.0.1:110 LocalForward 1112 127.0.0.1:25 #... more stuff that I'm not discussing :) ...
That config file has all of the magic... When I ssh to mail.dadadada.net, I am automatically opening up these two forwarded ports. Port 1111 of my local laptop is really a secure connection to some port over at mail.dadadada.net, controlled by my remote ssh, which forwards all traffic to 127.0.0.1:110.. (localhost:pop3)
Check it out (I've got an ssh open in another window):
billy-at-purple:billy$ telnet localhost 1111 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. +OK POP3 localhost v7.64 server ready
billy-at-purple:billy$ telnet localhost 1112 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 mail.dadadada.net ESMTP Exim 3.12 #1 Tue, 06 Nov 2001 00:32:50 -0500
The interesting thing is that mail.dadadada.net doesn't have to allow outside access to any ports other than ssh, but I can get to any 'localhost' service I want. In the smtp and pop logs over on mail.dadadada.net, all I see are accesses from localhost. All of my mail headers show localhost->localhost->localhost, and don't give any information about where I was when I sent the message. It's a sweet setup.
- -- "The funk, the whole funk, and nothing but the funk." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE753iE+2VvpwIZdF0RArPGAJwNrzBOVW9rXAAxEH97F4ktOVsLrACfSkBy YWQA/qmZvdVsvL3QnGyWPl0= =VNx2 -----END PGP SIGNATURE----- ____________________________ New Yorker Linux Users Scene Fair Use - because it's either fair use or useless....
|
|