Reverse SSH from Windows box to Unix server to Windows box possible?

2

2

I'm new to understanding how to set up and use SSH tunnels... but here is what I'm trying to do and I need some help accomplishing it.

I have a computer I want to Remote Desktop into. This computer is behind a firewall I cannot control. I pay surpasshosting.com for their hosting services, and I noticed they have an SSH key section, leading me to believe I could create a tunnel between my firewalled machine and the server. From there, I would be able to connect to my server with any machine, and use that tunnel to Remote Desktop into my firewalled machine...

Theoretically that seems like it should work, but I have really no idea how to do it. I have PuTTY installed, but am not quite sure how to use it. I set up the ppk and open SSH keys on the cPanel on the server, but I can't figure out how to link my firewalled machine to the server, then how I would connect to the server with another computer...

I need some detailed instructions. I've googled the hell out of this, but the only thing I can't find is instructions for Windows Remote Desktop using reverse SSH.

Todd

Posted 2009-11-06T04:22:21.513


Have you made sure that what you do is okay? There must be a reason the computer is behind the firewall. If it's a company computer it might be an intrusion. Of course, I'm not familiar with your situation, but you might want to be careful. – Roalt – 2009-11-06T06:51:48.030

Answers

1

If you can ssh into the surpasshosting.com machine, then you can do it, but you need physical access to both machines to do it.

Let's call the machine you want to remote desktop into "work" and the machine you want to remote desktop from "home", and the surpasshosting.com machine "proxy".

  1. Generate a key on the work computer with puttygen. Push the public key to the proxy. If you have shell access, it goes into the ~/.ssh/authorized_keys file. Make sure the authorized_keys file's permissions are 700.
  2. Before you leave your 'work' computer, putty into 'proxy', and create a remote tunnel to local port 3389. You can use port 33389.
  3. When you get to the home computer, puttygen a key like you did on the work computer and push it to the proxy.
  4. Now putty into the proxy from your home computer and create a local tunnel from local port 33389 into remote port 33389.
  5. Finally, from your home computer you should now be able to remote desktop into localhost:33389 and the packets should end up on work:3389.

If you have two computers at the 'work' side, you can test all this by using another computer there as the 'home' computer. Then when you have it working go to the 'home' computer.

Also, consider using the "Enable TCP keepalives" option so that the connection from 'work' to 'proxy' does not exit over time.

JohnnyLambada

Posted 2009-11-06T04:22:21.513

Reputation: 339
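
Steps 1 and 3 above put both public keys into ~/.ssh/authorized_keys on the proxy. As an added example (not part of the answer), this script, run on the proxy, installs each key so that it can only carry its own side of the 33389 tunnel. It assumes OpenSSH 7.8 or later on the proxy and that /bin/false exists there; the function names are made up for this example and the key strings in the usage comment are constructed placeholders.

```shell
#!/bin/sh
# Added example, run on 'proxy'. Assumes OpenSSH 7.8+ (needed for permitlisten).
TUNNEL_PORT=33389                        # tunnel port used in the answer
AUTH_FILE=${AUTH_FILE:-$HOME/.ssh/authorized_keys}

# Print one authorized_keys line for role "work" or "home" (hypothetical helper).
tunnel_entry() {
    role=$1 pubkey=$2
    # puttygen's "Save public key" writes a multi-line RFC 4716 file; sshd needs
    # the one-line form from puttygen's "Public key for pasting ..." box.
    case $pubkey in
        ssh-rsa\ ?*|ssh-ed25519\ ?*|ecdsa-sha2-nistp[0-9]*\ ?*) ;;
        *) echo "expected a one-line OpenSSH public key" >&2; return 1 ;;
    esac
    # "restrict" turns off PTY, agent, X11 and port forwarding; "port-forwarding"
    # turns forwarding back on, and permitlisten/permitopen pin it to the tunnel
    # port. The forced command makes any shell or exec request exit at once.
    base='restrict,command="/bin/false",port-forwarding'
    case $role in
        work) opts="$base,permitlisten=\"$TUNNEL_PORT\"" ;;            # -R side
        home) opts="$base,permitopen=\"localhost:$TUNNEL_PORT\"" ;;    # -L side
        *) echo "role must be work or home" >&2; return 1 ;;
    esac
    printf '%s %s\n' "$opts" "$pubkey"
}

# Append the entry unless that key is already present; keep the file private.
install_entry() {
    line=$(tunnel_entry "$1" "$2") || return 1
    keyblob=$(printf '%s\n' "$2" | cut -d' ' -f2)
    ( umask 077; mkdir -p "$(dirname "$AUTH_FILE")"; touch "$AUTH_FILE" )
    grep -qF -- "$keyblob" "$AUTH_FILE" || printf '%s\n' "$line" >> "$AUTH_FILE"
    chmod 600 "$AUTH_FILE"
}

# Usage with constructed placeholder keys (not real key material):
#   install_entry work 'ssh-rsa AAAAB3PLACEHOLDERWORK work-pc'
#   install_entry home 'ssh-rsa AAAAB3PLACEHOLDERHOME home-pc'
```

With the forced command in place, the PuTTY sessions in steps 2 and 4 need "Don't start a shell or command at all" ticked (or `plink -N`), otherwise the connection closes when the forced command exits.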

0

If I read your question correctly, what you're trying to do is create a reverse SSH tunnel from your hosting provider to your Windows machine, enabling port-forwarding in the process? Then connect to your hosting provider, also with port-forwarding, and then connect to the Windows machine?

I'd seriously consider using OpenVPN, and creating a permanent connection out from your Windows server to another point, then connecting to that point using either OpenVPN, or SSH with port-forwarding so you don't have to create multiple reverse tunnels over SSH.

Also, make sure that you use some form of persistent connection, or have a script running to re-establish connectivity out from the Windows server if it goes down for some reason.

warren

Posted 2009-11-06T04:22:21.513

Reputation: 8 599