2

I'm looking for some software that can perform remote forwarding of socket connections across a TTY-style link. I have two machines, A and B. I have admin privileges on A, but not B, but on machine B I am able to run arbitrary server software that does not require admin. Machine A does not have a public IP address, but machine B does. I am able to set up an outgoing connection from machine A to machine B and transfer arbitrary data across it, but what I need is some software that I can run on machine B that will accept an incoming connection, send the data from that connection to a process running on machine A, which will then initiate a new connection to a server running on machine A.

I am, unfortunately, not able to use ssh for this purpose as it has been configured by the administrator of machine B not to allow forwarding. Otherwise, running ssh -R 4567:localhost:1234 machineb from machine A would achieve what I'm looking for.

Anyone know of another way of doing this? For reference, machine A runs Ubuntu Linux and machine B runs OpenBSD, although I'd prefer a solution portable across all unix variants.

Improve this question

1 Answer 1

Reset to default
3

You can use socat to do the job. You need socat installed on machine A and nc (netcat) on machine B (socat will also work). Following there's an example on how to handle one TCP connection (you can read socat's documentation to know how to handle more and customize behaviour).

You should run on machine A:

  • The service you want to expose to machine B, let's say a webserver on port 8000 (you can test it by running python3 -m http.server or python2 -m SimpleHTTPServer in any directory you want to expose the files);
  • socat to redirect between STDIO and an SSH connection to B. This SSH connection to B will run nc listening to a specific port.

So, run on one terminal session on machine A:

python3 -m http.server

And in another terminal session on machine A:

socat EXEC:'ssh user@machineb "nc -l -p 8888"' TCP4:localhost:8000

If socat is also available on machine B, you can replace nc with it:

socat EXEC:'ssh user@machineb "socat STDIO TCP-LISTEN:8888,reuseaddr"' TCP4:localhost:8000

Explaining the concept: socat will redirect any stdin/stdout of the command ssh user@machineb "socat STDIO TCP-LISTEN:8888,reuseaddr" to a TCP client connection on localhost:8000 (TCP4:localhost:8000). The command will run the SSH connection to machine B and run socat there, which will redirect anything that connects to port 8888 locally on machine B (TCP-LISTEN:8888,reuseaddr) to the stdin/stdout (STDIO).

Yes, socat is awesome!

Improve this answer
0

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .