OpenSSH rocks! OK, you know that already, but I just wanted to say it...

Damon McMahon damon.mcmahon at
Thu Sep 2 23:34:20 EST 2010


For a while I've been pondering how to enable the business owner of my
former employer (whose network I established and maintained before I
left) to have webmail access to his email. The internal mail server is
an old MacOS X 10.4 Tiger server protected behind an OpenBSD gateway
(naturally). I commissioned it many years ago before hosted mail
services were as cheap and competent as they are now. It's still doing
a fine job, but I'm paranoid enough to say "no way" to exposing the
ports of the +current+ version of MacOS X Server to the internet,
nevermind one not even supported by Apple anymore.

There were several potential solutions, but all were inelegant,
expensive or needlessly complex for one reason or another.

And then I remembered port forwarding using ssh -L.

I'd never had a use for it until now. A few minutes testing...yes,
this just might do the trick. All I need to do now is to pre-roll
putty on a USB and there we go: a secure method to access a
somewhat-less-than-secure mail server anywhere via a web browser.

Did I mention you guys rock?

Mental note: add a donation to my next OpenBSD CD purchase ;-)

Best wishes to all you talented developers!

More information about the openssh-unix-dev mailing list