The archives are still available (I will try to remove the SPAM soon-ish): http://erdelynet.com/archive/ssh-l/

Suppose there is an SSH server inside a remote network that does not have its SSH port exposed to the Internet (named “internal.hostname.tld”). If there is an SSH gateway host that you can SSH to (that has the ability to reach “internal”‘s SSH port), you can use the netcat (nc(1)) command to Proxy your SSH session to “internal” through “gateway”.

Put something like the following in your ~/.ssh/config (or /etc/ssh/ssh_config):

Host internal.hostname.tld internal
  User          merdely
  HostName      internal.hostname.tld
  ProxyCommand  ssh merdely@gateway.hostname.tld nc %h %p 2> /dev/null

Then, make connect to “internal” as if you could directly: ssh internal.hostname.tld

Chances are, if you’re viewing my website (geek!), you’ve used their work. They’ve developed OpenSSH. This software is included with operating systems from Apple Mac OS X to Redhat Enterprise Linux to Sun Solaris (pretty much all of them but Windows) as well as HP, Cisco and other hardware vendors’ devices. These operating system and hardware companies have been including OpenSSH with their products for years, which saved them the time to develop it on their own.

And that’s just OpenSSH. I’m not even going to get into why OpenBSD deserves your support… that should be self evident through the rest of the content on my site.

Free software is a double edged sword…

Maybe you use it because it’s free. Maybe you use it because you can personally audit the source code and verify its integrity. Maybe you use it because it’s cool. But this freedom doesn’t necessarily mean that you don’t have to pay for it. Especially with OpenBSD, it means that you’re free to use it in anyway you see fit. You can resell it for $1000! But at some point you will pay for it.

Suppose down the line that the full-time developers for OpenBSD/OpenSSH decide that the donations and CD sales just aren’t providing enough funding and they have to get other jobs. Instead of 2 releases a year, we’d likely see less than that. Or maybe the developers can’t afford to buy a specific server architecture that you have depended on… That won’t be included in the next version.

If you’re like me, you’ve probably benefitted financially from OpenBSD. I’ve been able to use OpenBSD and OpenSSH in my workplace for several years now. Experience and knowledge gained from the availability of such great, flexible software has enabled me to get jobs and, in some cases, enabled a previous company to make money. I personally buy each release. I used to, as it says at the bottom of the OpenBSD Donations page, “buy one for a friend.” But instead started to just donate the amount of that extra CD. I really don’t need two anyway. I just buy the CD for the nostalgia and end up ftp’ing the software anyway.

So, buy a CD. Buy two if you want. Buy a t-shirt (the wireframe ones are really cool and they make good packing material for the CDs). Better yet, make a dontation. But help the project out. OpenBSD (and OpenSSH) are very solid, well done pieces of software. You won’t regret it.

If you REALLY want to make an impact, convince your company to buy CDs, donate funds and equipment. If you’re in the position to make the OS & hardware vendors pay attention, have THEM invest into the technology they have been reselling for years.

I’ve upgraded my mailing list manager to mlmmj.

What this means to you: hopefully — not much: There is no web interface to speak of, though I may make web pages that allow you to subscribe and unsubscribe.

The archives have also gotten an upgrade. I’m using hypermail now. It’s much simpler to maintain than my mhonarc set up was.

The Putty project also includes a command line client (plink), an scp client (pscp), an sftp client (psftp) and an ssh-agent application (pageant).

This program does exactly what it’s supposed to do, but it doesn’t have the features that SSHKeyChain has. If SSHKeychain didn’t have problems with password protecting your screen saver, I’d use that. Until that gets fixed, this program gets the job done.

This application is the best of its kind with many security features, including: locking the keychain when the computer goes to screensaver or goes to sleep.

I would use this program instead of SSH Agent, but it has a problem recovering from when the screensaver or going to sleep requires a password. If you don’t require a password on your screensaver or waking from sleep, this app is for you!

See my SSH section for more info.

See the list archive message about the upgrade.