Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Most corporate networks won't allow you to open ports on your machine without approval. Solutions like tmate (awesome btw!) don't work because they're filtered.

I use tmux with a reverse ssh to a VM in our cloud and then a colleague can forward ssh to the VM.



"tmate is useful as it goes through NATs and tolerate host IP changes. Accessing a terminal session is transparent to clients as they go through the tmate.io servers, acting as a proxy. No authentication setup is required, like setting up ssh keys."

Corporate can't block outgoing traffic on well-known ports without user impairment, even with MITM certificates in place HSTS solves that security hole making outbound 443 quite open in most networks.

EDIT: tmate uses SSH as outbound transport, just like you are.


MITM certs are in place, yes. I suspected DNS lookup is denied, but that also works.

Not sure why my client is not connecting, if ssh is the outbound transport, perhaps it's because port 22 is blocked for non-network addresses?


Should be fine if you host your own tmate server.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: