A is our desktop. C is a remote computer we want to connect to. B is a server in the middle.
For various reasons we want to first connect from A to B, then from B to C. A scenario is where C is behind a firewall bridged by B.
A specific scenario is this:
I have a linksys router, e.g. Terbium.internet.com, which manages the network in a lab. There are several computers on the network in the lab behind Terbium: Sulfur, Phosphorous, Oxygen (192.168.1.106) etc.
My home computer is Niobium.
Terbium is a linksys router (W54G) running tomato and you have to log in as root using a keyfile.
Oxygen is a debian box where I have a personal account as user verahill.
The ugly method:
In the same terminal on computer Niobium do
ssh root@terbium.internet.com
ssh verahill@192.168.1.106
This works fine for working remotely on oxygen (192.168.1.106). However, file transfer is a pain
The pretty method:
In one terminal on Niobium, do
ssh root@terbium.internet.com -L 9999:192.168.1.106:22
In another terminal on Niobium, do
ssh verahill@localhost -p 9999
Basically, all traffic to port 9999 on niobium is forwarded to port 22 on Oxygen -- not terbium.
The cool thing? File transfer is a breeze (via sftp using e.g. filezilla)!
It really is that simple
Web tunnel
to browse the internet via a tunnel it's still easier to do
ssh -C -D 9889 root@terbium.internet.com
and set your browser to use a SOCKS proxy -- point it to localhost, port 9889.