Sunday 1 September 2019

remote desktop - SSH tunnel over HTTP(S) proxy (Reverse RDP)

I've been trying to accomplish this scenario:

  • HOST_WORK is behind a non-transparent squid_proxy (it's not, but to get outside you need to use it; all other packets are black-holed on the gateway, not to mention 0% incoming) where we have SSL, so that means also http_connect or just CONNECT support, which is needed for an SSH tunnel via PuTTY in the first place.
  • HOST_SERVER is some VPS I own with SSH configured with ::443, KeepAlive, GateWayPorts and a /sbin/nologin + /dev/null shell account for port forwarding.
  • HOST_MEMYSELFANDI is the workstation here at my home.
  • HOST_WORK::3389<=-SQUID:3128-=>HOST_SERVER::443>>><<<=HOST_MEMYSELFANDI

Yes, reverse RDP. (No, I don't want VNC, even if I know it's designed with a reverse connect feature.)


I've tested today without the proxy in place and it worked, even to a remote IP in the LAN.


I added proxy:port to PuTTY* and it would reverse tunnel only to localhost:port, not to some other box in the LAN (yes, I set it myself: R3390 127.0.0.1:3389 in the Tunnel panel).


Questions:


1) Is it possible to do a fool-proof SSH tunnel and reverse "service name" over an HTTP proxy that supports CONNECT (any SSL-aware proxy)?

2) How in the name of God do you set the proxy and port (no auth!!! just ip:port of the proxy) on the plink.exe command line? *I've been generating sessions with the PuTTY GUI and doing plink.exe -load "session" instead.

3) Any other suggestions? (If you mention SSL tunnels, I would prefer a VPN solution over that.)
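
Seen from the proxy operator's side, an SSH session kept alive through CONNECT as described above is logged by Squid as one tunnel entry whose elapsed time covers the whole session. The following is an added example, not part of the original post: it parses Squid's native access.log format and lists successful CONNECT tunnels held open past a threshold. The sample lines, host names, addresses and the 60-minute default are constructed assumptions.

```python
"""Added example: list long-lived CONNECT tunnels from a Squid native access.log."""
from collections import defaultdict

# Constructed sample lines; hosts and addresses are documentation placeholders.
# Native format: time elapsed_ms client code/status bytes method URL ident peer type
SAMPLE_LOG = """\
1567324800.101    412 10.0.0.21 TCP_TUNNEL/200 5312 CONNECT www.example.com:443 - HIER_DIRECT/93.184.216.34 -
1567324805.882     95 10.0.0.21 TCP_MISS/200 1841 GET http://www.example.org/ - HIER_DIRECT/93.184.216.34 text/html
1567353600.007 28800345 10.0.0.37 TCP_TUNNEL/200 48211733 CONNECT vps.example.net:443 - HIER_DIRECT/203.0.113.10 -
1567353700.450 14400120 10.0.0.37 TCP_TUNNEL/200 9120044 CONNECT 203.0.113.10:443 - HIER_DIRECT/203.0.113.10 -
1567353800.000    230 10.0.0.37 TCP_DENIED/403 3900 CONNECT vps.example.net:22 - HIER_NONE/- text/html
"""


def parse_connects(log_text):
    """Yield (client, host, port, elapsed_ms, bytes, http_status) for each CONNECT entry."""
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7 or fields[5] != "CONNECT":
            continue
        # For CONNECT the URL field is "host:port"; rpartition keeps bracketed IPv6 hosts intact.
        host, _, port = fields[6].rpartition(":")
        if not host or not port.isdigit():
            continue
        status = fields[3].split("/")[-1]
        yield fields[2], host, int(port), int(fields[1]), int(fields[4]), status


def long_tunnels(log_text, min_minutes=60):
    """Return {client: [(host, port, minutes_open, bytes), ...]} for successful
    CONNECT tunnels that stayed open at least min_minutes."""
    hits = defaultdict(list)
    for client, host, port, elapsed_ms, nbytes, status in parse_connects(log_text):
        if status == "200" and elapsed_ms >= min_minutes * 60_000:
            hits[client].append((host, port, elapsed_ms // 60_000, nbytes))
    return dict(hits)


if __name__ == "__main__":
    for client, tunnels in long_tunnels(SAMPLE_LOG).items():
        for host, port, minutes, nbytes in tunnels:
            print(f"{client} -> {host}:{port} open {minutes} min, {nbytes} bytes")
```

Duration alone is a heuristic: long-lived HTTPS sessions such as WebSockets also appear as long CONNECT entries, so hits are a starting point for review rather than proof of SSH.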
