[nzlug] SSH Remote Access with very restrictive firewall...

[Mark Foster]

On Tue, 14 Aug 2007, Andrew Bruce wrote:

> I've got an issue where I need to be able to access my home server from 
> somewhere that has a restrictive firewall.  Basically it looks like all I can 
> do at the moment is browse the web.
>
> Is there anything like the MindTerm Java Applet that Micheal posted, that 
> will run on the server side, and establish SSH connections from the server 
> and display the results back to the applet?
>
> Or is there a better, more tricky way around it?  I've tried sending the 
> connection through the HTTP proxy (options under Putty to do this), but no 
> joy there either.
>

Wearing my network managers hat - you're obviously trying to do something 
that you're 'not allowed' to do... or else you wouldn't be jumping through 
so many hoops.

I gather simply asking for a dedicated firewall rule to exclude your 
(presumably fixed) IP from the SSH block is out of the question?

The issue with SSH is of course, the ability to tunnel over it.  For that 
reason many networks will exclude SSH as a matter of course, and regard it 
as one of the more threatening things to 'allow' - especially for 'joe 
user'.  (whether you infact deserve that title or not...)

So do you have permission to use SSH across the firewall?
I'm assuming corporate type environment, where theres probably an 
acceptable use policy (and perhaps something along the lines of 
'deliberate attempts to circumvent this policy will result in disciplinary 
action' in your employment agreement or internet use agreement) and 
legitimate reasons to lock it down...

Mark.