RE: Speaking of ssh->pop

[Victor Granic <vgranic () 724 com>]

:  -----Original Message-----
:  From: Lance Spitzner [mailto:lance () ksni net]
:  Sent: Monday, December 13, 1999 8:15 PM
:  To: firewall-wizards () nfr net
:  Subject: Speaking of ssh->pop
:  
:  
:  I be ssh challenged.  How do I setup the server
:  side to accept ssh tunnels and forward them to
:  the pop server? 
:  
:  On the client, all we have to do is follow
:  Crispin's nice little script:
:  
:  #!/bin/sh
:  ssh -C -l crispin -f \
:          -L 6666:your.mail.server:110 \
:          your.mail.server xbiff -geom +17+690
:  
:  Now, what do I have listening at port 110 on
:  the remote end, POP or ssh?
:  
:  We, the ssh challenged, greatly appreciate
:  your words of wisdom :)


On the server side, simply start your sshd.  As for the pop daemon, start
that the way you normally would, either as a daemon or via inetd.  If you
only want it available through ssh tunnels, restrict access to that service
from the localhost only.  No changes here unless you include the localhost
access restrictions.

Now client side fun.  When you execute the script above you'll be prompted 
for a password and the process will go into the background.  At this point
the 
connection has been established and you are ready to tunnel traffic between
the local port 6666 and the server port 110.  Now modify your client pop 
settings to point to localhost:6666 and away you go.  Crypto tunnels for the
masses.

For windows boxen there's teraterm and a ssh plug-in which supports port
forwarding.  The World's a better place for it.

Victor