Secure Shell
Dynamically allocated port on reverse forward Aug 16 2010 10:19PM
Joke de Buhr (joke seiken de) (1 replies)
Re: Dynamically allocated port on reverse forward Aug 17 2010 04:59AM
ADFHAU (openssh bachelorguy com) (1 replies)
Re: Dynamically allocated port on reverse forward Aug 17 2010 06:02PM
Joke de Buhr (joke seiken de) (1 replies)
On Tuesday 17 August 2010 06:59:33 ADFHAU wrote:
> Hi,
>
> > If I invoke ssh this way:
> > ssh -R 0:localhost:22 remote_ssh_server
> >
> > ssh prints a debug message like:
> > Allocated port 40454 for remote forward ....
> >
> > before it drops to the shell.
> >
> > Is there a way of querying the allocated port on the remote site to
> > make it usable within scripts? For example to execute a command via
> > ssh on the origin site in this case.
>
> If you could determine the ancestry of the script process, back to the
> sshd driving it and then look up the pid in lsof or netstat output,
> you could probably do it.
>
> That or if the script had access to logs and the logging level were
> high enough.

Determine the sshd process can be done via $PPID from thin the login shell:
echo "shell pid: $$, sshd pid: $PPID"

Unfortunately using lsof -p $PPID (or /proc/$PPID) doesn't work in this case
because the login user doesn't have read permissions to query the sshd process
(not the sshd daemon). Unless lsof is executed as root this doesn't work.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQG7BAABAwAlBQJMas7THhhoa3A6Ly9wb29sLnNrcy1rZXlzZXJ2ZXJzLm5ldAAK
CRCWUloJhwFWxvCtC/0ZnaOne42++hUjKQEcoN1FdwINXge2KrGldk7QBl9VVi8I
acwIKWhaQ1AApX72OvT127ojkCq9vmHZvKtRynkuGi+129SEHJYYaIFJ4hvhqa9d
DeIf2UYmtjc4ySvZgM20XVeYVJLut70NA5b6VMY55DxeEMKkfJJvgMaF8eRdTg0P
WiKp2m3YzsxJCiazpLG9qYn92cvJVZ+nrweQkbTXWW4YLvAQ1mFSENtWumsmGIiX
sg7DP5djscrzCTIWVRne9TtrFc3WMBcff70M5zQ5LNNcNymO9SQ7ZSM3E+UUOoH5
poTfY29MXr2XUf189/wOjsIkGI9l8+ON5kLBjTzb4cNtLb91Ee6wN5j0NGX1dVCo
TuooJTQcVv0/aSNsHDL3XmfCkxSlED1Ms92RnCCvQ7M+TY3EszG+6oXr4oOSbhnw
GNPQzB4zGRVKcmpxcVZXB1Ai0CMtjPCI5KsOLVgBlTAEboh29vDQLZbfXc0RQ/Af
Cvu3L06efUvnsY8cruo=
=p4TK
-----END PGP SIGNATURE-----

[ reply ]
RE: Dynamically allocated port on reverse forward Aug 17 2010 07:49PM
Males, Jess (jmales cio sc gov) (1 replies)
Re: Dynamically allocated port on reverse forward Aug 17 2010 08:57PM
Joke de Buhr (joke seiken de)


 

Privacy Statement
Copyright 2010, SecurityFocus