I have access to a number of servers which are behind firewalls. To access them I generally create a SSH tunnel through the firewall and then connect to the server through the tunnel. To speed up this process I made the following bash function (copy it into your .bashrc):

[bash]#Forward ssh connections through a firewall
function fw {
fw firewall destination [port]
fw alias

Generate an ssh tunnel through a firewall & connect through it to the destination.
Port refers the local port devoted to the tunnel. Only one tunnel may be generated per port.
Alias refers to a named tunnel, specified in ~/.ssh/tunnels.
if [[ ! "$#" =~ [1-3] || "$1" == "-h" || "$1" == "–help" ]]; then
echo "$USAGE" >&2
return 70


if [[ "$#" == 1 ]]; then #alias mode
TUNNEL=$(egrep -i "^$1 " $TUNNELS 2>/dev/null ||
{ echo "Tunnel $1 not found in $TUNNELS." >&2; return 2; } )
FW=$(echo $TUNNEL|awk ‘{print $2}’)
DEST=$(echo $TUNNEL|awk ‘{print $3}’)
PORT=$(echo $TUNNEL|awk ‘{print $4}’)

# Create tunnel & establish a connection through.
# Tunnel will close when the last connection through it closes.
ssh -f -L $PORT:${DEST##*@}:22 $FW ‘sleep 10’ &&
ssh -p $PORT -l "${DEST%%@*}"

Now, to ssh into ‘hotstuff.ucsd.edu’ through firewall ‘kerberos.ucsd.edu’, just run
[bash]$ fw sbliven@kerberos.ucsd.edu sbliven@hotstuff.ucsd.edu 2200[/bash]
You can also make additional connections via ssh/sftp/sshfs on port 2200.

Frequent connections can be stored in a configuration file. Put a line in ~/.ssh/tunnels for each connection with an alias, the firewall, the destination, and the port:
# ~/.ssh/tunnels
# Alias fwuser@Firewall destuser@Destination Port
hotstuff sbliven@kerberos.ucsd.edu sbliven@hotstuff.ucsd.edu 2200
Now, just write fw hotstuff and everything will connect.


Leave a Reply

Your email address will not be published. Required fields are marked *