[GLLUG] Netcat Bash prompt

Jason L. Froebe jason.froebe at gmail.com
Thu Dec 4 17:18:02 EST 2014 

A big problem with the netcat method is that it doesn't have
authentication.  If you can restrict the access to the port via a firewall
so access is granted only from a single source, it wouldn't be as bad but
the ip address could be spoofed.  A direct physical connection would
provide a secure-ish solution to that.

Whether you use a ssh tunnel or netcat, it amounts to the same (a proxy).
With the ssh tunnel, it is far more secure.

jason

On Thu, Dec 4, 2014 at 4:22 PM, Michael P. Flaga <michael at flaga.net> wrote:

> Yes, I can create a tunnel over, but not forwarded onto another IP, rather
> need a bash prompt. So that the telneting  program can call bash commands
> at the remote linux box.
>
>
>
> The goal is to not simply tunnel the telnet. But rather translate it.
> Noting that telnetd is gone from the remote linux box.
>
>
>
> Netcat is there, so “-t” will answer TELNET negotiation in place of
> telnetd.
>
>
>
> Michael P. Flaga, michael at flaga.net
>
>
>
> *From:* Jason L. Froebe [mailto:jason.froebe at gmail.com]
> *Sent:* Thursday, December 04, 2014 4:12 PM
> *To:* Michael Flaga
> *Cc:* GLLUG
> *Subject:* Re: [GLLUG] Netcat Bash prompt
>
>
>
> On the windows box, use putty to create a ssh tunnel to your Linux box.
> This way nothing is transferred unencrypted over the network.
>
> Jason
>
> On Dec 4, 2014 4:02 PM, "Michael P. Flaga" <michael at flaga.net> wrote:
>
> I have closed source programs that telnet on windows boxes. Where I am
> constrained to Linux Jump servers. That now only have SSH. The Telnet is
> GONE on the jump servers. The closed source programs once connected
> (formerly via telnet) to the jump servers then know who to issue the
> commands to ssh into the remote targets.
>
>
>
> I need a way to translate Telnet to SSH on the jump servers.
>
>
>
> The netcat on the jump servers do not have the –e option, so I cannot run
> nc in telnet mode into /bin/bash.
>
>
>
> I have found
>
>
>
> mkfifo pipe_name_in
>
> mkfifo pipe_name_out
>
> nc -l 5555 < pipe_name_out | /bin/bash > pipe_name_in
>
>
>
> which kind of works. However, the Standard Error does not go down the
> pipe.
>
> So I don’t get any echo or prompts, only the response.
>
>
>
> nc -l 5555 < pipe_name_out | /bin/bash 2> pipe_name_in
>
> does get the some of the prompts but then no responses.
>
>
>
> nc -l 5555 < pipe_name_out | /bin/bash 2>&1 pipe_name_in
>
> fails to allow connections.
>
>
>
> Any suggestions or solutions?
>
>
>
> Michael P. Flaga, michael at flaga.net
>
>
>
>
> _______________________________________________
> linux-user mailing list
> linux-user at egr.msu.edu
> http://mailman.egr.msu.edu/mailman/listinfo/linux-user
>



-- 
To stay young requires unceasing cultivation of the ability to unlearn old
falsehoods. -- Lazarus Long, "Time Enough For Love"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.egr.msu.edu/mailman/public/linux-user/attachments/20141204/40f05520/attachment.html>

More information about the linux-user mailing list