fedora-users October 2011 archive
Main Archive Page > Month Archives  > fedora-users archives
fedora-users: Re: Remote access

Re: Remote access

From: Marko Vojinovic <vvmarko_at_nospam>
Date: Fri Oct 14 2011 - 11:26:00 GMT
To: Community support for Fedora users <users@lists.fedoraproject.org>

On Friday 14 October 2011 05:32:23 Scott Rouse wrote:
> On Oct 14, 2011 12:13 AM, "KC8LDO" <kc8ldo@arrl.net> wrote:
> > Is there a way to use ssh to get through a firewall for remote access to
> > a system? The situation I'm looking at is a Fedora system sitting behind
> > a company firewall, which I have no control over, that I wish to gain
> > access to by logging into it over the Internet from a remote computer.
> > In other words the connection is initiated from outside of the
> > firewalled company network.
>
> There are many companies that would frown upon doing what you are
> proposing. I would suggest that you talk to your network/firewall admin
> and see if they will make an allowance for you.

True, and that is usually the best option. The drawback being that you are
putting yourself at mercy of the firewall admin, who might be lazy,
incompetent, or ignorant (which is sometimes the case), or have a boss that is
one of those things (which is the case quite often).

However, every serious firewall admin should know that the firewall is a one-way
barrier, protecting local users from the outside attack, and having in
principle no way to protect the outside world from the local user. Or in the
words of the firewall-piercing HOWTO
( http://tldp.org/HOWTO/Firewall-Piercing ):

<quote>
A firewall cannot protect a network against its own internal users, and should
not even try to.
</quote>

So, if the OP asks his admin to allow him the access, and is refused, I think
it is perfectly legitimate to DIY and pierce a connection through.

Best, :-)
Marko

-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines