OpenSSH (WinXP) Wan loopback testing?

Discussion in 'NZ Computing' started by Gordy, Mar 5, 2008.

  1. Gordy

    Gordy Guest

    Hi,

    Looking for a method or ideas for testing my OpenSSH setup on the WAN
    at home.

    Local testing works okay on my LAN.

    Only have one ADSL line.
    No analog phone line.
    No mobile data option.
    System here is Windows XP Pro SP2.
    Got port forwarding set up on my ADSL router with LAN IP and port 22.
    Have SSH port 22 enabled on my Win XP firewall.

    I have found plenty of web proxy providers but can't find an SSH
    proxy. If that is even do-able.

    It's a long wait at work after testing to find that the SSH link does
    not work before trying something else.
    Port 22 seems to be open at work.

    Any help would be most appreciated.

    Cheers

    Gordy
     
    Gordy, Mar 5, 2008
    #1

  2. One answer: shut down the SSH server on the box, start up a Web server on
    port 22, and see if that's accessible through the proxy. That will prove
    you've got the incoming firewall and NAT settings correct.

    Myself, I've always had access to different clients' machines that I could
    use to test simple things like this.
     
    Lawrence D'Oliveiro, Mar 5, 2008
    #2

  3. Gordy

    Gordy Guest

    Thanks for the tip.

    That did the trick... found that I didn't have SSH port 22 open in
    the network card I was using in the XP firewall exceptions.

    Used ninjaproxy.com and testmyports.com to check ports 21, 22 and 80
    until open.

    Hope to have a good day at work with a successful SSH link.

    Gordy
     
    Gordy, Mar 5, 2008
    #3
  4. Allistar

    Allistar Guest

    SSH is a powerful protocol, especially when forwarding ports. If you can ssh
    to a computer, then you can expose any ip/port that computer can see (such
    as a webserver on an internal LAN) to the connecting computer. Basically
    ssh opens up the whole of the server side network to you - all through an
    encrypted tunnel.
     
    Allistar, Mar 5, 2008
    #4
  5. You might want to run it on a different port. Set your router to forward
    say 3210 (external) (or any port that takes your fancy) to 22 on the
    target machine (internal).
    An open port 22 is a big target because of the access it can
    provide. (Check your firewall log to see how often it gets probed.)
    Using a key instead of just a password provides better protection, but
    if it's only for private use a non-standard port is a good option.
     
    dilberts_left_nut, Mar 6, 2008
    #5
  6. Allistar

    Allistar Guest

    Yes, that's a good idea. Also ensure you only allow connections using
    private/public key pairs - this prevents a lot of dictionary type attacks
    using common passwords as guesses. Setting up the keys is trivial.
     
    Allistar, Mar 6, 2008
    #6
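
One way to confirm that the key-only advice in posts #5 and #6 has actually taken effect, as an added example that is not part of the original thread: this Python sketch reads `sshd_config` text and reports anything that still lets a password through. It relies on the OpenSSH rule that the first value given for a keyword wins, does not follow `Include` files, and its function names and sample configs are constructed for illustration.

```python
# Added example, not from the thread. Sample configs below are constructed.
# Values sshd uses when a keyword is absent: passwords are accepted by default.
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "pubkeyauthentication": "yes",
}
# Older spelling of the keyboard-interactive keyword.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

def effective_settings(config_text):
    """Global values sshd would apply, plus any keywords set in Match blocks."""
    seen, in_match, match_overrides = {}, False, []
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(parts) < 2:
            continue
        keyword = ALIASES.get(parts[0].lower(), parts[0].lower())
        if keyword == "match":
            in_match = True          # everything after this is conditional
        elif keyword in DEFAULTS:
            if in_match:
                match_overrides.append((keyword, parts[1].lower()))
            elif keyword not in seen:
                seen[keyword] = parts[1].lower()   # first value wins
    return {**DEFAULTS, **seen}, match_overrides

def audit_key_only(config_text):
    """Return findings that leave password guessing possible; [] means key-only."""
    settings, overrides = effective_settings(config_text)
    findings = []
    for kw in ("passwordauthentication", "kbdinteractiveauthentication"):
        if settings[kw] != "no":
            findings.append(f"{kw} is '{settings[kw]}' globally")
        findings += [f"{kw} re-enabled in a Match block"
                     for k, v in overrides if k == kw and v != "no"]
    if settings["pubkeyauthentication"] != "yes":
        findings.append("pubkeyauthentication is off, so keys cannot be used")
    return findings

# Constructed sample: the later "no" is ignored because the first value wins.
WEAK = """\
PasswordAuthentication yes
PasswordAuthentication no
"""
HARDENED = """\
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
"""
```

An empty result from `audit_key_only` means the global section accepts keys only; an empty or all-commented config still produces two findings because both password paths default to on.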