How I connect to my linux box through a corporate firewall.

I, like most, work for a company that filters certain network traffic, preventing me from easily accessing my boxes at home. But using this method, I am able to control my servers through both ssh and vnc.

Most companies block ssh traffic for obvious reasons. But I like the availablity of my boxes from wherever I may be sitting. To allow this functionality I had to sneak around a few things.

First.. Since the firewall blocks port 22, I had to change the port on my ssh server to listen elsewhere. I decided on port 443, because that port is widely open for https traffic, so I can sneak my ssh traffic through it without raising too many red flags. After configuring my server to listen on port 443, I am immediately able to ssh into the box, as long as I change the default port in my ssh client, putty, to 443. SSH is great and all, but there are some tasks that require the use of a GUI, like my money management software. I like to balance my checkbook every time I think of it, so to do that, I need to open up an X session...

I do this using VNC. Obviously, since I'm behind the firewall, I can't just connect to vnc through the default port, I have to do a little configuration. It is possible to pipe VNC traffic through an SSH tunnel... which is exactly what I do. In the putty client, I set up profile like this:

Basic:
hostname: myhostname
port: 443

Proxy:
proxy: corporateproxy
port: corporateproxyport

Connections-SSH-Tunnels:
Source Port: 5901
Destination: localhost:5901
Local

Using these settings, I open an ssh tunnel to my server.. and once that's open, I can connect to my vnc server by using localhost:1 Be careful poking around your companies network though, if they find out, that sort of thing really pisses people off.

Comments

Add New