Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
Mark Rupright wrote:
Would you mind letting me look at the script you created?
Sorry for not replying sooner.
You need to download plink.exe and puttygen from the putty download page.
Use puttygen to make a public private key pair, read the docs about
putty keys and openssl keys.
Make a user on your server for the client to connect to. Change the
shell to /bin/false that way the account is a lot more difficult to use
for hacking purposes. It needs a home dir to the best of my knowledge so
you can use the ssh public key which belongs in ~/.ssh/authorized_keys -
you could use password authentication and do away with the public
private keys. You lose security that way, but can gain sme by then
setting the account's home dir to /dev/null
In the folder for the clients you need the private key in putty format,
plink.exe and a .bat script like this:
plink -R 3389:127.0.0.1:3389 -N -i private.ppk EMAIL:PROTECTED
Assuming you password protected the ssh key, the user will see a dos
style window asking for a password. They enter the password then just
get a blinking prompt - that's the connection made, and your server can
now connect to localhost:3389 which is an SSL secured tunnel to port
3389 on the remote client.
Hope that helps. maybe others can suggest other ways to do this or some
security improvements.
Russell
_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact