Re: [TCLUG:7086] ssh port forwarding

[Peter Lukas <peter@math.umn.edu>]

You understand correctly.  In theory, you may establish an ssh connection
long enough for port forwarding to take place -- even on machines you
don't have shell access to.  In your case:

ssh imap.host -L 11220:imap.host:220

Then configure your imap mail client to talk to localhost:11220 ("11220"
or anything > 1024 will do).  You'd have to do this in tandem with your
imap-fetching program (I'm doubtful you could sync it).  The SSH+Pop3 mini
HowTo talks to some detail on how to make this work.

Of course, you could always forward from remote.host to imap.host:

ssh remote.host -L 11220:imap.host:220

This isn't the best solution but assuming that remote.host and imap.host
are both on some sort of protected (trusted) network, it beats doing a
cleartext transmission from local.host to imap.host.

Peter Lukas

On Tue, 20 Jul 1999, Hans Davin Umhoefer wrote:

> I'm trying to secure my imap authentications and connections with ssh port
> forwarding (plain text passwords are making me nervous). The trouble is I
> don't have an account on the machine I am trying to imap to. I'm wondering
> if I'm out of luck.
> 
> Let's say i have three machines: 
> local.host - my own
> remote.host - a machine I have a shell account on
> imap.host - the machine I have an imap account on but no shell access 
> 
> If I understand correctly the secure connection only exists between
> local.host and remote.host, so there is no way for me to secure data going
> between local.host and imap.host for the entire trip. The data still has
> to travel between remote.host and imap.host, which has no secure
> connection.
> 
> Am I understanding correctly or is there a way to do this.
> 
> Thanks,
> 
> Hans
> 
> -- 
> Hans D Umhoefer (spudling@acm.cs.umn.edu)
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> For additional commands, e-mail: tclug-list-help@mn-linux.org
> 
>