Friday, December 28, 2007

Securing communication protocol traffic (SSH tunneling).

A useful way to secure communication between a client and a server is to tunnel the traffic inside the Secure Shell (SSH) protocol.

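For example, it can be used to tunnel POP3 and SMTP traffic.
-You must have an ssh client installed on the local end and an ssh server on the remote end.
-Create a local ssh tunnel from a port on the local machine (e.g. port 5110) to the POP3 server's port 110, or to SMTP port 25 (-f puts ssh in the background, -N runs no remote command, -L sets up the local forward):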
# ssh -f -N -L 5110:localhost:110 user@POP3_server

Or simply bind the local end to the privileged port itself (110, the POP3 port); binding a local port below 1024 requires running ssh as root:

# ssh -L 110:mailhost:110 -l user -N mailhost

In the same way, you can also forward SMTP for outgoing mail (port 25). A single ssh command line can have multiple -L entries, like this:

# ssh -L 110:mailhost:110 -L 25:mailhost:25 -l user -N mailhost

-You can then check that the port is forwarded:
# telnet localhost <forwarded port>
You should see the POP3 server's banner information.

-Finally, configure your mail client to access your mail via POP3, using localhost as the mail server and the forwarded port you chose.
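
A scripted version of the telnet check above, added here as an example (not code from the original post). The function names are assumptions; it reads the greeting on the forwarded port and tells a working tunnel apart from a forward that is not listening or a far end that never answers.

```python
import socket
import sys

# Greeting prefixes fixed by the protocols: POP3 (RFC 1939) opens with
# "+OK", SMTP (RFC 5321) opens with reply code 220.
GREETINGS = {"+OK": "pop3", "220": "smtp"}


def classify_banner(line):
    """Map a server greeting line to 'pop3', 'smtp' or 'unknown'."""
    for prefix, proto in GREETINGS.items():
        if line.startswith(prefix):
            return proto
    return "unknown"


def check_forward(port, host="127.0.0.1", timeout=5.0):
    """Return (status, banner) for a locally forwarded port.

    status: 'pop3'/'smtp' (tunnel works), 'unknown' (something else
    answered), 'closed' (could not connect, forward not up), or
    'no-banner' (ssh accepted but the far end sent no greeting).
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return ("closed", "")
    data = b""
    with sock:
        try:
            # Read one line, capped at 512 bytes.
            while b"\n" not in data and len(data) < 512:
                chunk = sock.recv(512)
                if not chunk:
                    break
                data += chunk
        except OSError:
            pass  # timeout or reset: judge on what arrived so far
    banner = data.split(b"\n", 1)[0].decode("ascii", "replace").strip()
    if not banner:
        return ("no-banner", "")
    return (classify_banner(banner), banner)


if __name__ == "__main__":
    # 5110 is the example forwarded port used in the post.
    port = int(sys.argv[1]) if len(sys.argv) > 1 else 5110
    print(check_forward(port))
```

A 'no-banner' result usually means ssh is listening locally but could not reach the mail port on the far side, so the host and port given after the local port in -L are the thing to check.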
