OpenSSH 5.4 and netcat mode

The release of OpenSSH 5.4 was announced today. Its announced features include many small improvements, in usability and in crypto strength.

One of my favorite tricks using ssh is what Ganneff named ssh jumphosts. Many (most?) of my machines are not directly accessible from across the firewall, so the ability to specify in the configuration files where to jump through is most welcome. Well, with this “netcat mode” it will be much clearer to read and less of a hack… Of course, it loses a bit of the hackish æsthetic value, but becomes easier!

(yes, this post is basically a marker so I remember about it, but others might find it interesting)
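The jumphost setup described above, as an added example that is not part of the original post: a `~/.ssh/config` fragment showing the older netcat-based `ProxyCommand` next to the `-W` "netcat mode" form introduced in OpenSSH 5.4. The host aliases, host names and user name are placeholders assumed for illustration.

```sshconfig
# Constructed example: all host names, aliases and the user name below are
# placeholders, not values from the post.

# The jump host: the only machine reachable from outside the firewall.
Host gateway
    HostName gateway.example.org
    User jumpuser

# Before OpenSSH 5.4: start netcat on the jump host to relay the connection.
# This needs nc installed on the gateway and an account that is allowed to
# execute commands there.
Host inner-old
    HostName inner.internal.example.org
    ProxyCommand ssh gateway nc %h %p

# OpenSSH 5.4 and later: -W host:port makes the ssh client itself forward
# its stdin/stdout to %h:%p through the gateway, so no helper program runs
# on the jump host; it only has to permit TCP forwarding.
Host inner
    HostName inner.internal.example.org
    ProxyCommand ssh -W %h:%p gateway
```

In both forms the SSH session to the inner machine is established end to end from the client, so the inner machine's host key is checked locally and the gateway only relays the encrypted stream. With the `-W` form, `ssh inner` is all that needs to be typed.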

Comments

Bartosz Fenski 2010-03-08 12:37:29

some hints

Here’s my article about some ways of connecting to firewalled machines: http://polishlinux.org/linux/debian/three-ways-to-securely-access-remote-internal-networks-and-work-from-home/

It contains info about the netcat tip too ;)

regards fEnIo


gwolf 2010-03-08 14:29:47

Of course – and thanks!

Thanks for the link. Of course, tsocks is one of my favorite tricks, but it is for quite a different purpose IMO. Jumphosts (or proxies, as you treat them) are great for just throwing it into your .ssh/config and forgetting about it (and, of course, for trying to understand WTF when using a new machine until you remember the trick ;-) Human stupidity is, after all, boundless), and tsocks is to be used when you are in a restricted network or something like that.

Frankly, after finding tsocks, I have not needed to set up a manual VPN. It is just simple and flexible enough for me to be happy!