port forwarding

Markus Friedl markus.friedl at informatik.uni-erlangen.de
Fri Apr 28 20:23:09 EST 2000

On Fri, Apr 28, 2000 at 12:40:15PM +0300, Florin Andrei wrote:
> ssh -L 110:mail.rds.ro:110 localhost
> 	110 was opened again on my machine, forwarding the requests to
> mail.rds.ro. Ok again.
> 	But... after sniffing the interface, i saw that, this time, the packets
> were sent to mail.rds.ro:110, not to mail.rds.ro:22 so this wasn't actually
> POP3 over SSH! The only difference was that, this time, i wasn't
> authenticated on the mail server itself, but on localhost.

this is what you specified.

these two are equivalent:
	% ssh -L 110:mail.rds.ro:110 mail.rds.ro
	% ssh -L 110:localhost:110 mail.rds.ro
but not this one:
	% ssh -L 110:mail.rds.ro:110 localhost
as the ssh connection is from localhost to localhost

> 	The problem is that i want to forward POP3 over SSH, but not authenticate
> myself into a shell account on the mailserver. I don't wanna this, because
> we have here very strict shell policy, and we don't wanna leave accounts
> with shell access enabled.

you need to start a shell if portforwarding should work.
you could give a way a shell that just sleeps for say 60 seconds.

> 	How can i obtain a true pop-over-ssh connection without using shell access
> on the server?

openssh2 could do this, but it's not ready.

More information about the openssh-unix-dev mailing list