[clo-cvs] CVS public_html - clo-cvs@common-lisp.net - mailman3.common-lisp.net

24 Mar 2006

Update of /project/clo/cvsroot/public_html
In directory clnet:/project/clo/public_html
Modified Files:
    faq.shtml 
Log Message:
adding entry about forwarding

--- /project/clo/cvsroot/public_html/faq.shtml	2006/02/09 15:11:55	1.18
+++ /project/clo/cvsroot/public_html/faq.shtml	2006/03/24 20:57:21	1.19
@@ -16,6 +16,7 @@
       <a href="#nagging">Nagging</a>
       <a href="#lgpl">LGPL issues</a>
       <a href="#sshfingerprint">SSH host fingerprint</a>
+      <a href="#portsforwarded">Ports forwarded</a>
     </div>
@@ -109,6 +110,65 @@
<p>RSA: 17:fa:96:e3:30:7d:76:18:d0:59:2d:b5:09:41:fd:db</p>
+     <h1 id="portsforwarded">How can I connect to common-lisp.net through a restrictive firewall via ssh?</h1>
+
+      <p>Some firewall administrators are paranoid enough to disallow
+      outgoing connections to the ssh port, but they often allow
+      connections to e.g. the https port. For these cases, we have SSH
+      running on non-standard ports on shell.common-lisp.net. The
+      https port is the most common one that is left open, but
+      sometimes others are open, too. So ssh on shell.common-lisp.net
+      accepts connections to ports 21 (ftp), 22 (ssh), 23 (telnet), 80
+      (www) and 443 (https).
+
+      <p>To find out which ports your firewall lets through, Try to
+      connect to the ports in order:
+
+<pre>
+telnet shell.common-lisp.net 21
+telnet shell.common-lisp.net 22
+telnet shell.common-lisp.net 23
+telnet shell.common-lisp.net 80
+telnet shell.common-lisp.net 443
+</pre>
+
+      <p>If a port is blocked by the firewall, you'll see something like this:
+
+<pre>
+$ telnet shell.common-lisp.net 443
+Trying 86.59.21.101...
+telnet: Unable to connect to remote host: Connection refused
+</pre>
+
+      <p>The error message may differ, depending on the firewall's
+      configuration.
+
+      <p>If you can connect to a port, you'll see something similar to this:
+
+<pre>
+$ telnet shell.common-lisp.net 443
+Trying 86.59.21.101...
+Connected to shell.common-lisp.net.
+Escape character is '^]'.
+SSH-2.0-OpenSSH_3.8.1p1 Debian-8.sarge.4
+</pre>
+
+       <p>If you found a port number that works for you, put the
+       following segment in the ~/.ssh/config file and substitute the
+       port that you found:
+
+<pre>
+Host common-lisp.net
+    Port 443   # substitute the port number you found for 443.
+    HostName shell.common-lisp.net
+</pre>
+
+      <p>If none of the ports on shell.common-lisp.net work for you,
+      but you can connect to https web sites, you may be running
+      behind a transparent https proxy. In that case, software like
+      corkscrew (http://www.agroman.net/corkscrew/) may help you
+      connect to common-lisp.net.
+
      <a class="topOfPage" href="#top" title="Go to top of page">top</a><br/>
</div>

    