Author: Stephen Language: text
Description: Stephen's GatewayPorts Concerns Timestamp: 2018-09-13 17:30:57 +0000
View raw paste Reply
  1. Hey Guys,
  2.  
  3. Thank you for keeping up the awesome work with TechSNAP. I have written in before (Dan's last episode https://slexy.org/view/s21OnWVu7r) and I have been reliably using AutoSSH running on a Raspberry Pi to connect to a DigitalOcean Droplet. Then I can use applications like X2Go/ssh or (for Android) an application called Ki4a (https://play.google.com/store/apps/details?id=com.staf621.ki4a) to connect to my LAN.
  4.  
  5. Anyways, I have been rebuilding this (I messed up the droplet and the Raspberry Pi and thought it would be better for me to just scrap them and start over) and everything was going well (I was using this article to rebuild the infrastructure https://blog.sleeplessbeastie.eu/2014/12/23/how-to-create-persistent-reverse-ssh-tunnel/), but I was running into issues that I know I solved before. Basically I could not connect to jumpbox.example.com on port 9000. After some Googling I found the issue I was having had to do with the GatewayPorts being commented it (it looks like it defaults to no).
  6.  
  7. Are there any security implications to having the GatewayPorts set to Yes? Are there any other security implications I should be worried about? The Pi only allows key authentication, and the autossh is running as a user that was created with the nologin shell.
  8.  
  9. Thank you for the awesome content. Keep up the great work,
  10.  
  11. - Stephen
View raw paste Reply