I have access to a number of servers which are behind firewalls. To access them I generally create an SSH tunnel through the firewall and then connect to the server through the tunnel. To speed up this process I made the following bash function (copy it into your .bashrc):
# Forward ssh connections through a firewall
function fw {
    # Keep the working variables out of the interactive shell's environment.
    local USAGE TUNNELS TUNNEL FW DEST PORT
    USAGE=$(cat <<'END'
fw firewall destination [port]
fw alias
Generate an ssh tunnel through a firewall & connect through it to the destination.
Port refers to the local port devoted to the tunnel. Only one tunnel may be generated per port.
Alias refers to a named tunnel, specified in ~/.ssh/tunnels.
END
)
    # Anchor the pattern so that argument counts such as 10 or 13 are rejected too.
    if [[ ! "$#" =~ ^[1-3]$ || "$1" == "-h" || "$1" == "--help" ]]; then
        echo "$USAGE" >&2
        return 70
    fi
    TUNNELS=~/.ssh/tunnels
    if [[ "$#" == 1 ]]; then # alias mode
        # A 'return' inside $(...) only leaves the subshell, so test the result here.
        TUNNEL=$(grep -E -i -m1 "^$1 " "$TUNNELS" 2>/dev/null)
        if [[ -z "$TUNNEL" ]]; then
            echo "Tunnel $1 not found in $TUNNELS." >&2
            return 2
        fi
        FW=$(echo "$TUNNEL" | awk '{print $2}')
        DEST=$(echo "$TUNNEL" | awk '{print $3}')
        PORT=$(echo "$TUNNEL" | awk '{print $4}')
    else
        FW="$1"
        DEST="$2"
        PORT="${3:-2222}"
    fi
    # Create tunnel & establish a connection through.
    # Tunnel will close when the last connection through it closes.
    ssh -f -L "$PORT:${DEST##*@}:22" "$FW" 'sleep 10' &&
        ssh -p "$PORT" -l "${DEST%%@*}" 127.0.0.1
}
Now, to ssh into ‘hotstuff.ucsd.edu’ through firewall ‘kerberos.ucsd.edu’, just run
$ fw sbliven@kerberos.ucsd.edu sbliven@hotstuff.ucsd.edu 2200
You can also make additional connections via ssh/sftp/sshfs on port 2200.
Frequent connections can be stored in a configuration file. Put a line in ~/.ssh/tunnels for each connection with an alias, the firewall, the destination, and the port:
# ~/.ssh/tunnels
# Alias fwuser@Firewall destuser@Destination Port
hotstuff sbliven@kerberos.ucsd.edu sbliven@hotstuff.ucsd.edu 2200
Now, just write fw hotstuff and everything will connect.
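Because fw passes the fields of ~/.ssh/tunnels straight to ssh, it helps to lint the file first. The following is an added example, not part of the original function: check_tunnels is a hypothetical helper name, and the second and third sample entries are constructed for illustration.

```bash
# check_tunnels [file]: lint a tunnels file before fw uses it.
# (hypothetical helper, not part of the original fw function)
check_tunnels() {
    awk '
        BEGIN { bad = 0 }
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        NF != 4 {
            printf "line %d: expected 4 fields, got %d\n", NR, NF
            bad = 1; next
        }
        {
            name = tolower($1)               # fw looks aliases up case-insensitively
            if (name in alias_line) {
                printf "line %d: alias %s already defined on line %d\n", NR, $1, alias_line[name]
                bad = 1
            } else alias_line[name] = NR
            # A leading "-" would be parsed by ssh as an option, not a host.
            if ($2 ~ /^-/ || $3 ~ /^-/) {
                printf "line %d: host field starts with \"-\"\n", NR
                bad = 1
            }
            p = $4 + 0
            if ($4 !~ /^[0-9]+$/ || p < 1 || p > 65535) {
                printf "line %d: invalid port %s\n", NR, $4
                bad = 1
            } else if (p in port_line) {
                # Only one tunnel can listen on a given local port at a time.
                printf "line %d: port %d already used on line %d\n", NR, p, port_line[p]
                bad = 1
            } else port_line[p] = NR
        }
        END { exit bad }
    ' "${1:-$HOME/.ssh/tunnels}"
}

# Constructed sample file: the page's entry plus two deliberately bad lines.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# Alias fwuser@Firewall destuser@Destination Port
hotstuff sbliven@kerberos.ucsd.edu sbliven@hotstuff.ucsd.edu 2200
backup alice@fw.example.org alice@db.example.org 2200
broken alice@fw.example.org alice@db.example.org
EOF
check_tunnels "$sample" || echo "problems found in $sample"
rm -f "$sample"
```

The function exits non-zero when any line fails, so it can gate the alias lookup with `check_tunnels && fw hotstuff`.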