tunnel connection like a service with cygwin orotherproducts?

Darren Tucker dtucker at zip.com.au
Tue May 7 21:09:45 EST 2002

Stephan Hendl wrote:
>Darren Tucker wrote:
>> The first part should be easy: use cygwin openssh client using some kind
>> of passwordless authentication (eg RSA).
>> To make it run entirely in the background, run it from cygrunsrv (part
>> of Cygwin) or SRVANY (NT resource kit). Neither of these work on W95,
>> only NT or W2K.
> How does the cygrunsrv work? Unfortunately I cannot find this utility in the cygwin distribution...

Download the setup.exe from sources.redhat.com/cygwin. You can find
cygrunsrv under "Admin" Category.

I just set up a basic forwarder. The steps I took were (on the client):

# ssh-keygen -t rsa -f /.ssh/id_rsa
Generating public/private rsa key pair.
[set a null password]

# scp /.ssh/id_rsa.pub dtucker at

# ssh echo passwordless auth works
passwordless auth works

# cygrunsrv -I SSHFWD -p /usr/bin/ssh -a "-L 3128: -v -N
-l dtucker"

# net start SSHFWD

# netstat -an | grep 3128
  TCP              LISTENING

# telnet 3128
Connected to
Escape character is '^]'.
HEAD http://www.openssh.com/ HTTP/1.0

HTTP/1.0 200 OK
Connection closed by foreign host.

# tail -1 /var/log/SSHFWD.log
debug1: channel_free: channel 1: direct-tcpip: listening port 3128 for port 3128, connect from port 1891, nchannels 2

For production use, you'd probably want to set up a dedicated account
(possibly with a shell of /bin/false), make the authetication stronger
(eg by specifying "from=" on the authorized_keys entry) and write a
wrapper script for the client side to restart on connection failure.


More information about the openssh-unix-dev mailing list