[kwlug-disc] Getting around firewalls

CrankyOldBugger crankyoldbugger at gmail.com
Tue Jan 20 10:10:23 EST 2015 

I take it that you're trying to SSH to a computer that you own?  If that's
the case you can just set up Port Forwarding on your router.  Then you can
pick some wild port number, up to 65535, I think, and have your home router
redirect that port to port 22 on your home computer.

I've got all of my home Linux boxes set up this way, then I use DynDNS to
get the names straight.  So if I'm at work (which seem to like blocking the
useful ports for some reason), I can SSH to my Ubuntu desktop using:

ssh user at ubuntubox.org -p 45678

So I'm using port 45678 to get out of the office.  Then on my home router,
port forwarding knows that port 45678 should be forwarded to my Ubuntu
box's internal IP (192.168.x.x), using port 22 between the router and the
desktop.

You just need to do some playing around to see if port "45678" (or any
other port over 1024) is open at the school.

Now if you're trying to connect to a machine that someone else owns, well
that's a different story... I wonder if you could set up a proxy server at
home that points back out to the internet?




On Tue Jan 20 2015 at 9:58:10 AM Keefer Rourke <keefer.rourke at gmail.com>
wrote:

> For some strange reason, I've found high school institutions to be
> *extremely* *NIX-phobic. And they, or at least my particular school, seem
> to be becoming increasingly so. Previously I had only noticed firewalls in
> place which block all traffic from major Linux package managers like apt
> and yum, though this never affected me as I've never had an issue updating
> my Arch Linux installation while on the school network.
>
> However, things appear to have changed as SSH connections are now also
> blocked. Before the winter holidays I could use secure shell at school to
> my heart's content, but now that people in my computer engineering class
> are beginning to use it more often so they can remotely connect to their
> headless Raspberry Pis (with which we're supposed to be controlling
> robots), the protocol has conveniently stopped working (I'm guess the board
> discovered this "unusual" traffic and decided to block it). I now find
> myself needing a way to get around this problem, or my summative project
> will have come to an effective halt.
>
> As a suggested work-around, I tried changing the default port on the host
> (the pi) from 22, to 443, and establishing a connection to that port from
> my laptop, but the connection still times out after a few minutes. I'm
> wondering if, either I'm doing something wrong with the port configurations
> (though the verbose output from SSH would suggest otherwise), or if there
> is another solution to getting around the WRDSB's apparent hatred of free
> technology.
>
> My teacher suggested that we create a subnetwork between the two machines,
> which I will try today, but if there are any alternative solutions, I'd
> love to know of them. Anyone else run into problems like this?
>
> --
> Cheers,
> Keefer
>  _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20150120/2e3f644d/attachment.htm>

More information about the kwlug-disc mailing list