This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
institute_lorentz:institutelorentz_remoteaccess [2022/05/31 08:05] – [SSH access/tunnelling behind firewalls] lenocil | institute_lorentz:institutelorentz_remoteaccess [2022/11/29 12:27] (current) – [SSH access/tunnelling behind firewalls] lenocil | ||
---|---|---|---|
Line 94: | Line 94: | ||
The set up on your side is rather simple and requires only editing a file on the SSH client you wish to use, e.g. laptop, workstation, | The set up on your side is rather simple and requires only editing a file on the SSH client you wish to use, e.g. laptop, workstation, | ||
- | Add the following stanza to your SSH client config file ('' | + | Add the following stanza to your SSH client config file((The same result is obtained by executing directly '' |
<code bash> | <code bash> | ||
Host ssh.lorentz.firewall | Host ssh.lorentz.firewall | ||
- | ProxyCommand openssl s_client -connect access.lorentz.leidenuniv.nl: | + | ProxyCommand openssl s_client -connect access.lorentz.leidenuniv.nl: |
User <Your IL username> | User <Your IL username> | ||
</ | </ | ||
Line 134: | Line 134: | ||
When the connection is initiated you will be able to double-check the SSL certificate details, especially the '' | When the connection is initiated you will be able to double-check the SSL certificate details, especially the '' | ||
+ | |||
+ | Similarly it is possible to initiate an SSL-wrapped SSH SOCKS proxy connection useful to protect your browser sessions from eavesdroppers | ||
+ | |||
+ | <code bash> | ||
+ | ssh -ND 8888 ssh.lorentz.firewall | ||
+ | </ | ||
+ | |||
+ | then modify your browser settings to instruct it to redirect all connections to a SOCKS proxy listening on '' | ||
+ |