October 02, 2007
ssh with blackberry and t-mobile

So I found what I thought would be a decent little ssh client for my new Curve. Well, it turns out t-mobile is kinda crappy about their blackberry service. They block all ports but the ones used for email and web surfing, so I can't get to port 22 on ssh servers. Very inconvenient. The internet plan lets you do this, as I could access port 22 with my MDA.

The group who made the ssh client made a nifty little java proxy server that could work over an http port. But it caused a connection overload on the blackberry, so I could issue a couple commands before it crapped out on me with some damn error about max connections.

People had success putting their ssh servers on alternate ports like port 110. Which was promising. But I don't want to alter ssh on my server to run on port 110 when 22 is fine for me 99% of the time.

To be 100% honest I don't NEED to access 22 on my server from my phone. I did it maybe twice with my MDA in the first couple months, then went over a year without ever doing it again. At some point during the day it became an exercise of can I make it happen / I won't be beat by this crap.

I've still to finalize and automate my method but it works and it works perfectly fine. I didn't have to reconfigure anything on my server, just on my router. My router is running dd-wrt which is an awesome firmware. But it's running an old version that lacks some of the functionality of the newer ones that would have made it easier which I may switch to at a later time.

I logged into my router and punched the following in.
iptables -t nat -A PREROUTING -p tcp --dport 110 -j DNAT --to :22
That's it. The port for pop3 email is now forwarded/mapped to port 22 on my internal server. I just point the ssh client to port 110 rather than the default 22....

I am so smrt... I mean smart...
Posted by Ben at October 02, 2007 05:21 PM
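
The mapping above gets through because the carrier's filter looks only at the port number, while an SSH server still announces itself in its first line. The sketch below is an added example, not part of the original post: it compares what a port implies with what the banner says, and all hosts, banners and function names in it are constructed for illustration.

```python
import re

# Protocol a port-only filter assumes for each port (the two ports named in the post).
ASSUMED_BY_PORT = {22: "ssh", 110: "pop3"}

# What each server sends first on a new TCP connection.
SSH_ID = re.compile(rb"^SSH-\d+\.\d+-\S+")   # RFC 4253 identification string
POP3_OK = re.compile(rb"^\+OK(\s|$)")        # RFC 1939 greeting


def classify_banner(first_bytes: bytes) -> str:
    """Name the protocol from the first bytes a server sent."""
    if SSH_ID.match(first_bytes):
        return "ssh"
    if POP3_OK.match(first_bytes):
        return "pop3"
    return "unknown"


def find_mismatches(observations):
    """Return (host, port, assumed, observed) where the banner contradicts the port."""
    findings = []
    for host, port, first_bytes in observations:
        assumed = ASSUMED_BY_PORT.get(port)
        observed = classify_banner(first_bytes)
        # Skip ports we have no assumption for and banners we cannot identify.
        if assumed is None or observed == "unknown":
            continue
        if observed != assumed:
            findings.append((host, port, assumed, observed))
    return findings


# Constructed sample data (documentation addresses, made-up banners).
SAMPLE = [
    ("198.51.100.7", 22, b"SSH-2.0-OpenSSH_4.7\r\n"),
    ("198.51.100.7", 110, b"SSH-2.0-OpenSSH_4.7\r\n"),   # the post's 110 -> 22 mapping
    ("198.51.100.8", 110, b"+OK POP3 server ready\r\n"),
    ("198.51.100.9", 110, b""),                          # no banner captured
]

if __name__ == "__main__":
    for host, port, assumed, observed in find_mismatches(SAMPLE):
        print(f"{host}:{port} expected {assumed}, banner says {observed}")
```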
Comments

Ben is supergeek!

Posted by: bonnie on October 2, 2007 09:18 PM

Y NOT RUN IT ON TOO PURTS?

Posted by: NiteMayr on October 3, 2007 01:25 PM

How about port 443? Any reason not to use that?

Posted by: sonny on October 10, 2007 08:39 PM

443 already in use/forwarded... but it should still be possible to use.

Posted by: ben on October 13, 2007 10:31 PM