[kwlug-disc] Using SSH to authenticate

Richard Weait richard at weait.com
Sat Mar 13 18:45:40 EST 2010

Thought I'd fill out the example a little more because this Just Isn't
Intuitive To Me. I've tested this now and it Works For Me.

# set up the tunnel without privileged users
# the tunnel is from HomeHost port 2222 to TargetHost port 22
# we assume RelayHost is listening on 22, otherwise add -p RelayHostPortNum

ssh -L 2222:TargetHost:22 RelayUser at RelayHost

# response is prompt for RelayUser password:
# this terminal will offer a prompt on RelayHost.
# leave this connection open

# open another terminal on _HomeHost_
# ssh to your side of the tunnel

ssh localhost -p 2222

# this terminal will prompt for "localhost" password
# but the tunnel means that localhost:2222 is actually
# TargetHost:22. Reply with TargetHost password.

There must be an option to open the tunnel in the background that
removes the requirement for a second console but I'll leave that as a
pro tip for somebody else.

More information about the kwlug-disc mailing list