You are not logged in.

#1 2009-02-19 00:31:33

PinkFloydYoshi
Member
From: United Kingdom
Registered: 2008-11-20
Posts: 29

Reverse SSH with web management

I don't know how to start, but as a example: As a Barracuda Networks customer, if ever I have trouble with our filter at work (They forbid the customer to mess with the box's internals, with reason I suppose, although I am incredibly curious on it's workings) I have to click a button in the web interface which opens a reverse SSH tunnel with Barracuda Networks support, and the tech on the other end will refresh a page (I'm assuming a web interface or something, didn't ask, probably should have) and our box 'appears' and they have root shell access to the box to fix the problem.

I want to recreate this, but instead of having to click a button to create the reverse tunnel, I'd like it to do it after initializing the network daemon (the reason for this is so I can create one image, and deploy that one image as many times as I need, have it fetch new IP addresses via DHCP, then create a reverse SSH tunnel back to the 'host', and...), have the server I'd use as the host for all these tunnels have a web server which allows me access to a page which shows all currently connected and ready reverse SSH tunnels, and allows me to instantly connect to any of them by clicking on a link which takes me to a Mindterm Java SSH client or something. I do a lot of testing, messing and faffing, so while internally, the weak point for the whole thing is the password I assign to the web interface, but this is at home in my test lab so security shouldn't be a problem. I don't know if I can get the custom init script which handles the connection to send a custom syslog event to the host it creates the reverse tunnel against or do it some other way, but if I can get the data in to MySQL (Either via syslog or some other way), I should then be able to satisfy the web interface easily.

Has anyone tried to do this in the past, or does anyone have an idea of how I could tackle it?... Or is it just not feasible? Thanks in advance.

Offline

#2 2009-02-19 16:48:23

bluewind
Administrator
From: Austria
Registered: 2008-07-13
Posts: 172
Website

Re: Reverse SSH with web management

That should be possible with socat and openssl (if you want encryption).

Offline

Board footer

Powered by FluxBB