1

I have two servers both running Ubuntu 16.04, server A and server B. Server B is acting as a VPN for server A. I am trying to figure out a way from a 3rd computer to ssh directly into server A even though it's behind server B's firewall.

Sever A:
IP: 73.85.87.81
sshport: 222

Server B:
IP: 109.192.97.168
sshport: 22

I noticed I can VPN in to server B then ssh to server A or ssh to server B then ssh to server A, but I would rather be able to ssh once and end up at sever A on port 222.

Is there a way I could set things up that when I ssh 109.192.97.168:222 I end up at 73.85.87.81:222?

Charles S
  • 133
  • 1
  • 1
  • 8
  • You could set up an iptables rule on server B that redirects traffic on a certain port to server A. I don't have an axample to hand, hence this isn't an answer, but it should give you a clue where to look. – Darren Jan 17 '17 at 18:54
  • 3
    The entire point of the server being connected to the VPN is to prevent what you want to do. What you want to do would require the SSH to be configured behind the DMZ allowing all traffic to attempt to connect to it. *That would be bad.* – Ramhound Jan 17 '17 at 21:50
  • @RamHound Why would it be bad? I don't necessarily care if traffic is able to reach server A on the ssh port. I am trying to hide the IP of server A when it is used to browse the web. Would doing this allow websites to find the IP of server A? – Charles S Jan 17 '17 at 22:04
  • It would be bad cause it exposes your ssh server to the entire world. If you don't care go ahead and put the ssh server behind your dmz – Ramhound Jan 17 '17 at 22:50
  • 1
    It might be better and more safe to setup your local ssh for a [multihop destination](http://superuser.com/questions/107679/forward-ssh-traffic-through-a-middle-machine), instead of sabotaging the VPN. – dirkt Jan 18 '17 at 11:30

0 Answers0