Remote Computing via SSH Port Tunneling
for Windows 95/98/NT and Unix
Introduction:
We now have a way to read and send mail, or use ftp, securely, based on SSH port tunneling. The free implementation of SSH (based on TtermPro for Windows) can do secure port forwarding plus X11 forwarding. It listens on the client (remote/home) machine on well-known ports (e.g. 25 for SMTP, 143 for IMAP, 80 for HTTP, X11) and transports the traffic to the server machine encrypted.
During setup the user can also configure where the server sends the requests (an alternate machine/port). In effect we are able to "tunnel" all requests made to the local machine to any other machine, as if they were being made to that machine directly.
How to read Mail Securely from your Windows 95/98/NT machines:
Installation: (Note: this is for POP3 or IMAP users only)
- Get the ttssh software from http://ftp.cs.stanford.edu/pub/ttssh/current.zip
- Unpack the ttssh software into C:\Program Files\ttermpro. See below for port instructions.
- Verify access to a login account on a Server machine.
- In the Mail reader on the remote/home computer, change Server Type to POP3 or IMAP, and set the incoming and outgoing Mail Server to localhost.
Running:
- Make sure I.E., Outlook or Netscape is not running.
- If you want to run X11, then start your Xserver.
- Start ttssh and log in to your server.
- At this point all ports set in ttssh are tunneled.
- Start Outlook or Netscape/Mail application.
- Continue sshing to other machines if you want windows to show up on X11.
- Before bringing down the link, exit Netscape and any other sessions.
- NOTE: DO NOT SET YOUR DISPLAY ENVIRONMENT! Ssh will set it for you automatically. If you have DISPLAY set in any of your Unix dot files then remove it.
Setup for remote UNIX machines:
Installation:
- Only requirement is SSH. (1.2.26 recommended.)
- Make sure sendmail is not running; if it is, kill it. Verify with ps -ef | grep sendmail
- You can configure Unix not to start sendmail at bootup.
- Verify there is an entry for localhost with IP 127.0.0.1 in the file /etc/hosts
- Verify access to a login account on the server machine.
- In the mail reader on the remote/home computer, change Server type to POP3 or IMAP, and set the incoming and outgoing server to localhost.
Running:
- Make sure Netscape is not running on your home/remote Unix box.
- Activate the tunneling session with the following SSH command:
    ssh -L 25:Xenon:25 -L 80:Xenon:80 -L 143:Xenon:143 -l loginname xenon.stanford.edu
- On Unix you have to be root to be able to forward a privileged port.
- Log in as normal.
- Start the Netscape browser/Mail application on your home/remote Unix box.
- Before bringing down the link, exit Netscape and any other sessions.
- NOTE: DO NOT SET YOUR DISPLAY ENVIRONMENT! Ssh will set it for you automatically. If you have DISPLAY set in any of your Unix dot files then remove it.
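Added example (not part of the original page): once the tunnel is up, and before starting the mail client, this shell function checks that each forwarded port is held by ssh on the loopback address rather than by a leftover sendmail or by a listener open to other hosts. It assumes a Linux home machine with iproute2's ss; the function name and the sample lines are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original page. Audits the local listeners that
# "ssh -L 25:... -L 80:... -L 143:..." should have created.
# stdin: lines in the format of `ss -H -ltnp` (Linux iproute2); run ss as root,
#        otherwise the process column is empty and the owner shows as "unknown".
# args:  the local ports that are supposed to be tunneled.
audit_forwards() {
    awk -v ports="$*" '
    BEGIN { n = split(ports, want, " ") }
    $1 == "LISTEN" {
        addr = $4; port = $4
        sub(/.*:/, "", port)          # text after the last colon is the port
        sub(/:[^:]*$/, "", addr)      # text before it is the bind address
        proc = "unknown"
        if (match($0, /users:\(\("[^"]+/))
            proc = substr($0, RSTART + 9, RLENGTH - 9)
        if (proc != "ssh")
            st = "conflict:" proc     # e.g. a local sendmail holding port 25
        else if (addr != "127.0.0.1" && addr != "[::1]")
            st = "exposed:" addr      # reachable from other hosts (ssh -g)
        else
            st = "ok"
        # Keep the worst finding per port: conflict > exposed > ok.
        if (!(port in res) || st ~ /^conflict/ ||
            (st ~ /^exposed/ && res[port] == "ok"))
            res[port] = st
    }
    END {
        for (i = 1; i <= n; i++)
            print want[i], ((want[i] in res) ? res[want[i]] : "missing")
    }'
}

# Constructed sample input (not captured from a real host).
SAMPLE='LISTEN 0 128 127.0.0.1:25 0.0.0.0:* users:(("sendmail",pid=611,fd=4))
LISTEN 0 128 0.0.0.0:80 0.0.0.0:* users:(("ssh",pid=4242,fd=5))
LISTEN 0 128 127.0.0.1:143 0.0.0.0:* users:(("ssh",pid=4242,fd=6))
LISTEN 0 128 [::1]:143 [::]:* users:(("ssh",pid=4242,fd=7))'

printf '%s\n' "$SAMPLE" | audit_forwards 25 80 143 110
# Live use on the home machine: ss -H -ltnp | audit_forwards 25 80 143
```

Any result other than "ok" for a port means the mail client should not be started yet: "conflict" and "missing" mean the connection would not go through the tunnel, and "exposed" means other hosts on the network can use the forward.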
TtermPro (ttssh) Installation and Port Configuration
TtermPro is a Windows SSH terminal and tunneling program. Use a ZIP utility to unpack the software.
Unfortunately this software does not have a clean installation process. Users need to unpack the software to the directory c:\Program Files\ttermpro. You will not automatically get an entry in your program menu etc.
You will need to use Windows Explorer to run ttssh.exe manually, or drag and drop it onto your desktop. The latter will result in a shortcut to ttssh on your desktop.
How to enable port tunneling
To start ttssh, simply double-click the icon. Two windows will pop up; cancel the window called New connection.
Click on Setup, select SSH Forwarding..., then click on Add...
Select Forward local port and pick the port from the menu. Pick the host you want the port to be forwarded to, and then pick the port for that host, e.g.:
    smtp    xenon.stanford.edu    smtp
Click OK. You will then see a line added to the Forwarding Setup:
    Local 25 (smtp) to remote "xenon.stanford.edu" port 25 (smtp)
Do the same for IMAP, POP or HTTPD...
A VERY IMPORTANT NOTE:
SSH encryption is only between your machine and the SSH server. After that nothing is encrypted.