Tunelling ssh Through Another Host

As some of you may know, I recently installed a fresh image of FreeBSD on my router computer. It's real thin. No fancy applications were installed this time. Notably, there is no X server (the graphical jazz) installed on it this time. The hard drive on that computer is 1.1 G. There is a 100 mb swap space. Everything else is on the remaining partition. The partition has 185MB used on it. That leaves 831MB free.

I have a computer plugged into the router and for me to log into it from outside my home network I need to first log onto the router and then onto the workstation.

      Internet          LAN         
cygwin   ->    church    ->    daddy

daddy is my main home computer. church is the router. I am calling the remote computer (where I am physically sitting) cygwin because that is the program I am running on this winDOH!s box to provide X forwarding and secure shell login.

What you may not know is that when I am logged onto daddy, I can run graphical applications by forwarding my X server to that computer. The method for doing this has been to forward X through a login to church and then forward X again with a second login from church to daddy.

I have been doing the above procedure for a long time. But now that church doesn't have an X server, the X forwarding fails at the router link. I could still log into daddy but I could not run graphical applications.

Anyway, I decided to explain my solution here so that it'll be here in case I forget.

On cygwin:

$ ssh -L 2001:daddy:22 username@ip-to-church

This command (as far as I think I understand it) creates a secure shell from cygwin to church and specifies that local port 2001 will be used for that connection. Of course, "2001" is arbitrary. Use any port you don't mind using for this connection.

Now, again on cygwin but in a different shell:

$ ssh -X -p 2001 username@localhost

This command uses the existing secure shell and shoots another secure shell through it to daddy. The username will be the user name into which I wish to log on daddy.