# Connecting two private hosts through a public pivot


METHOD 1 (ssh)

A reverse ssh tunnel, from host1 to pivot

host1# ssh -R localhost:1337:localhost:1234 -f -N root@pivot
host1# nc -l localhost 1234

A local (forward) ssh tunnel, from host2 to pivot

host2# ssh -L localhost:1234:localhost:1337 -f -N root@pivot
host2# nc localhost 1234

Diagram

host2:r ---> host2:1234 --- pivot:1337 --- host1:1234
host2:r ---> host1:1234
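
Method 1 logs in as root on the pivot, but the two forwards need neither a shell nor root. An sshd_config fragment for the pivot that limits a dedicated account to exactly these forwards (added example, not part of the original post; the account name tunnel and the nologin path are assumptions):

```sshd_config
# /etc/ssh/sshd_config on pivot. Match blocks go at the end of the file.
# "tunnel" is a hypothetical unprivileged account used instead of root.
Match User tunnel
    # Key-based login only for the tunnel account
    PasswordAuthentication no
    AuthenticationMethods publickey

    # Allow TCP forwarding, but only the two forwards used in Method 1
    AllowTcpForwarding yes
    # host1: ssh -R localhost:1337:localhost:1234 (listener on pivot)
    PermitListen localhost:1337
    # host2: ssh -L localhost:1234:localhost:1337 (connect target on pivot)
    PermitOpen localhost:1337
    # Keep the -R listener on loopback, never on a public interface
    GatewayPorts no

    # Nothing else: no terminal, no agent/X11/socket forwarding, no tun device
    PermitTTY no
    X11Forwarding no
    AllowAgentForwarding no
    AllowStreamLocalForwarding no
    PermitTunnel no
    # Assumed path; some systems use /sbin/nologin
    ForceCommand /usr/sbin/nologin

# Clients then connect as the restricted account:
#   host1# ssh -o ExitOnForwardFailure=yes -R localhost:1337:localhost:1234 -f -N tunnel@pivot
#   host2# ssh -L localhost:1234:localhost:1337 -f -N tunnel@pivot
```

Check the file with sshd -t before reloading sshd on the pivot.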


METHOD 2 (netcat)

Two listeners at pivot

pivot# mkfifo p
pivot# nc -nvlp 1111 0<p | nc -nvlp 2222 1>p

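A running service and a pipe between the local port at host1 and the pivot (-n disables name lookups, so the local end is given as 127.0.0.1 and pivot stands for the pivot's IP address)

host1# nc -nvlp 1234
host1# mkfifo p
host1# nc -nv pivot 1111 0<p | nc -nv 127.0.0.1 1234 1>p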

A connection from host2 to pivot/host1

host2# nc -nv pivot 2222

Diagram

host2:r --> pivot:2222 --- pivot:1111 --- host1:1234
host2:r --> host1:1234
