Imaging that you have 2 users both using Ubuntu 10.04: UserA@HostA and UserB@HostB. HostB is behind a firewall, and UserA would like to SSH into HostB and share a terminal with UserB to collaborate on some kind of task. This article will attempt to explain how to do this.
Make sure both users have SSH access to a "middle" server. We will call this HostC...
root@HostC$ sudo useradd -m -s /bin/bash UserA root@HostC$ sudo useradd -m -s /bin/bash UserB
Install OpenSSH Server on HostB...
UserB@HostB$ sudo apt-get install ssh
Keep in mind that this could cause potential security issues, so you should also familiarize yourself with how to secure OpenSSH server. Specifically, make sure you disable the "PermitRootLogin" option.
Install GNU Screen on HostB and setuid root for GNU Screen...
UserB@HostB$ sudo apt-get install screen UserB@HostB$ sudo chmod u+s /usr/bin/screen UserB@HostB$ sudo chmod -R 755 /var/run/screen
Add a new user on for UserA@HostB...
UserB@HostB$ sudo useradd -m -s /bin/bash UserA UserB@HostB$ sudo passwd UserA
Be sure to remember the password for UserA which was set here.
Have UserB SSH into HostC, setting up a remote forward...
UserB@HostB$ ssh -R 20022:localhost:22 UserB@HostC
UserB will need to keep this terminal window open, but will not need to enter commands here.
Have UserA SSH into HostC.
UserA@HostA$ ssh UserA@HostC
Now, from HostC, have UserA SSH into HostB...
UserA@HostC$ ssh -p 20022 UserA@localhost
Keep in mind that UserA will be asked for a password at this point. This will be the password which was set earlier.
At this point, UserA should now be logged in to HostB. Now UserA will need to setup a named screen session.
UserA@HostB$ screen -S foobar UserA@HostB$ screen -X multiuser on UserA@HostB$ screen -X acladd UserB
In a new terminal window, on HostB, have UserB join the screen session...
UserB@HostB$ screen -x UserA/foobar
At this point, both users will share a terminal session on HostB.
If you plan on doing this often, you should familiarize yourself with iptables so as to properly setup a firewall for added security.