[vox-tech] ssh tunneling

Ken Bloom vox-tech@lists.lugod.org
Tue, 4 Jun 2002 00:35:44 -0700 

[bloom@cat-in-the-hat ~]% ssh -L 12345:green.ucdavis.edu:143 kabloom@green.ucdavis.edu
kabloom@green.ucdavis.edu's password:
Last login: Tue Jun  4 00:26:10 2002 from d23-115.tercero

NOTICE: this host, pop12, is a special server
NOTICE: interactive logins are not allowed
NOTICE: kabloom is not authorized to use this host

NOTICE: for information on checking email, go to
NOTICE: http://scg.ucdavis.edu/email/checking.html

Connection to green.ucdavis.edu closed.
[bloom@cat-in-the-hat ~]% ssh -L 12345:green.ucdavis.edu:143 kabloom@green.ucdavis.edu -N
kabloom@green.ucdavis.edu's password:
Killed by signal 2.
[bloom@cat-in-the-hat ~]% ssh -L 12345:localhost:143 kabloom@green.ucdavis.edu -N
kabloom@green.ucdavis.edu's password:
Killed by signal 2.



"Killed by signal 2" means I hit Ctrl-C when it became eminently clear that the 
green.ucdavis.edu wasn't about to complain that I wasn't authorized to use their system. So if 
the error message from the first run is what you were seeing, then try adding the -N option.



[bloom@cat-in-the-hat ~]% head .muttrc
# imap and ssl settings
set certificate_file=~/.mutt_certificates
set imap_user=kabloom
set imap_force_ssl=yes
set spoolfile=imap://green.ucdavis.edu/INBOX
set folder=imap://green.ucdavis.edu/
mailboxes imap://green.ucdavis.edu/INBOX /var/spool/mail/bloom
# use `mutt -y` to be able to view local mail


Considering that this snippet of my .muttrc works fine for me, I would say that campus does 
support SSL.



> ---ORIGINAL MESSAGE---
> Date: Mon, 3 Jun 2002 18:14:57 -0700 (PDT)
> From: Gabriel Rosa <grosa@ucdavis.edu>
> To: <vox-tech@lists.lugod.org>
> Subject: [vox-tech] ssh tunneling
> Reply-To: vox-tech@lists.lugod.org
> 
> 
> hey all,
> 
> I'm trying to set up an encrypted imap tunnel to campus using ssh.
> However, when I try to do:
> 
> ssh -L 12345:localhost:143 purple.ucdavis.edu
> 
> it tells me i'm not allowed to log in to purple.ucdavis.edu
> 
> Campus doesn't handle imap over ssl, and if I can't log in to the server
> via interactive shell, I don't think I can tunnel with ssh.
> 
> is this hopeless? any ideas?
> 
> thanks,
> -Gabe