Hi
I was searching for a way to set my source port to a fixed value while SSHing to a server, and I found one at this link:
http://www.linuxforums.org/forum/security/182001-how-do-i-specify-source-port-ssh-client.html
This is all you need to do:
# ncat -l 2222 --sh-exec "ncat SSH_SERVER_IP 22 -p 443"
From another terminal, you can see that port 2222 is listening locally on my system:
# netstat -antulp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 847/cupsd
tcp 0 0 0.0.0.0:2222 0.0.0.0:* LISTEN 13219/ncat
From another terminal, I tried to ssh to port 2222 on my local machine:
$ ssh bala@localhost -p 2222
bala@localhost's password:
Linux SSH_SERVER_IP 2.6.32-5
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
bala@SSH_SERVER_IP:~$ exit
logout
Connection to localhost closed.
bala@bala-desktop:~$
Before I closed the connection shown above, I ran this command from another terminal, which clearly shows my source port to be 443:
bala@bala-desktop:~$ ss | grep 22
ESTAB 0 0 10.0.2.15:https SSH_SERVER_IP:22
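The relay above leaves a recognisable trace: an established connection whose local port is a low service port on which nothing is listening. The following is an added example, not part of the original post, that applies that heuristic to numeric `ss -tan` output. The function names are hypothetical, the sample rows are constructed, and 192.0.2.10 stands in for SSH_SERVER_IP.

```python
# Added example: flag established TCP connections that use a low source port.
# Assumed input: numeric `ss -tan` rows (State Recv-Q Send-Q Local:Port Peer:Port).
PRIVILEGED_MAX = 1023  # ports below 1024 normally need root to bind on Linux

# Constructed sample; 192.0.2.10 is a placeholder for SSH_SERVER_IP.
SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
LISTEN 0      10     0.0.0.0:2222        0.0.0.0:*
ESTAB  0      0      127.0.0.1:2222      127.0.0.1:51514
ESTAB  0      0      127.0.0.1:51514     127.0.0.1:2222
ESTAB  0      0      10.0.2.15:443       192.0.2.10:22
ESTAB  0      0      10.0.2.15:22        10.0.2.2:40112
ESTAB  0      0      10.0.2.15:48230     192.0.2.10:22
"""

def split_endpoint(endpoint):
    """Split 'addr:port' on the last colon so IPv6 such as [::1]:22 works."""
    addr, _, port = endpoint.rpartition(":")
    return addr, port

def parse(text):
    """Yield (state, local_addr, local_port, peer_addr, peer_port) per row."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] == "State":
            continue  # header, blank or truncated line
        laddr, lport = split_endpoint(fields[3])
        paddr, pport = split_endpoint(fields[4])
        if lport.isdigit():
            yield fields[0], laddr, int(lport), paddr, pport

def suspicious_source_ports(text):
    """Return ESTAB rows whose local port is privileged but has no listener."""
    rows = list(parse(text))
    # A low local port with a listener is an accepted inbound connection.
    listening = {lport for state, _, lport, _, _ in rows if state == "LISTEN"}
    hits = []
    for state, laddr, lport, paddr, pport in rows:
        if state == "ESTAB" and lport <= PRIVILEGED_MAX and lport not in listening:
            hits.append((f"{laddr}:{lport}", f"{paddr}:{pport}"))
    return hits

if __name__ == "__main__":
    for local, peer in suspicious_source_ports(SAMPLE):
        print(f"low source port without listener: {local} -> {peer}")
```

Only the 443-to-22 row is reported; the inbound SSH session on local port 22 is skipped because a listener exists on that port.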
It's a cool recipe for a network which is closed with a firewall.
I have the server with http and ssh port opened, but admin restricts outgoing connections with 80&443.
So, still my router can do NAT depending on source port I can knock-knock through one port :)
Thanks a lot.
I proposed a -Z portnum option...
Source here: https://github.com/Zibri/openssh-portable
And here is the pull request: https://github.com/openssh/openssh-portable/pull/130