Skip to content
Home » Blogs » Amr's blog

RSOD: A KISS Reverse SSH web-based tool

November 19, 2008 by Amr

From time to time we need to connect to servers on our customer's network. Ideally, we would just SSH and do our thing; However, few customers are behind NAT meaning we cannot connect to them in a simple manner. The job isn't worth going over the hassle of finding how to bridge the 2 networks together.

Fortunately, SSH provides a solution: Reverse SSH Tunnel. However, it's not very easy for less technical people to do thus, becoming impractical in our case. I thought what we needed was a way to make it trivial to open and close Reverse SSH Tunnels. I googled but I didn't find something that's web-based and is actually usable.

I thought this was a good excuse to hack away and I couldn't resist.

I created RSOD as an idea proof. It's is a very small and relatively self-contained web-based application which sits on a server and allows people accessing its web interface to manage Reverse SSH Tunnels.

From a less technical person's point of view (which is the whole point of RSOD), you send him or her a file by e-mail, for example. They open RSOD, feed it the file and a tunnel has been created for you. Few hours later, you are done, they open RSOD and close the tunnel by clicking the "Close" button.

It currently requires that SSH Keys are used for authentication (or other passwordless mechanism) and subsequently your machine must authorize the public key of customer's machine. That's not a big problem because it's done only once as part of the installation. Password-based authentication could also be possible. Security will mean that the password cannot be passed in the RSOD file which you e-mail to the customer, so this one bit will have to be communicated by some other mean.

You can download the current idea-proof, but working, version from the RSOD Project hosted at github.com.

Hack away.

Permalink

Comments

oops, forgot to sign in!

November 25, 2008 by digital_sin, 1 year 35 weeks ago
Comment id: 22

Why can't you just use openssh-Reverse?

It's a patched openssh which goes in reverse, allowing outside users to connect to machines behind NAT firewalls. In reverse mode, sshd acts as a client and brings the connection to a modified ssh server. Which should do the trick, right?

http://bit.ly/uyPB

You can find more info about it here:
http://www.securiteam.com/tools/6I00N0K03K.html

RSOD is an interface to that feature

December 1, 2008 by Amr, 1 year 34 weeks ago
Comment id: 23

RSOD doesn't not try to replicate that feature of OpenSSH. RSOD is a simple web-based interface to that feature of OpenSSH.

It allows less technical people to create and manage tunnels. No-brainer style.

What if you also like boobs?

December 2, 2008 by digital_sin, 1 year 34 weeks ago
Comment id: 24

What if you also like boobs? can you replicate that feature?

Lornetki

December 30, 2009 by Anonymous, 30 weeks 3 days ago
Comment id: 2749

Cool blog, i want to start blogging too, what script is the best for my first blog ?

how to download redtube video

January 25, 2010 by Anonymous, 26 weeks 5 days ago
Comment id: 3158

I see a lot of good work here, keep us posting

hey thanks for the great post

January 25, 2010 by Anonymous, 26 weeks 5 days ago
Comment id: 3162

hey thanks for the great post :D i really enjoyed following along and reading aobut it. keep up the good work.

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

AdaptiveThemes