Date: Mon, 02 Jun 1997 16:12:44 -0700
From: "Zot O'Connor" <>
Subject: ssh proxy for tn-gw

Here is info from the README.  This requires a host to have tn-gw on
the receiving end.  Apparently tn-gw uses several characters as codes
and tn-nav-gw escapes these for the client, and then unescapes them
for the server.

This works for me since I go to many clients who have tn-gw up and I
cannot control the firewall.  Once out to my home, I can ssh to the
site I need.

What is it?

tn-gw-nav is a program to allow you to use SSH ( to
connect to a host which is on the outside of a TIS fwtk derived telnet
gateway. The host on the outside must also be configured to use

Getting the Source

Contact the Authors

John Saunders <>
Charlie Brady <>

How does it work?

SSH has a feature which allows you to use a program as a proxy to
establish a connection to the SSHD server. One of the functions of
tn-gw-nav is to negotiate the connection through the telnet gateway.

The other function of tn-gw-nav is to create a clean 8 bit stream
between ssh and sshd after the connection is created. The telnet
gateway unfortunately treats a few characters as special - these need
to be escaped to traverse the gateway safely, then unescaped before
being fed to the SSHD server.

Because tn-gw-nav must run at both ends of the connection, it does not
directly provide a general solution to using ssh through the telnet
gateway.  Once you have one ssh connection with a tn-gw-nav equipped
host, however, you will then be able to use ssh from there to anywhere
else using ssh.

If the unescaping code was added to sshd, enabled on a host by host
basis through a config entry in /etc/sshd_config, then tn-gw-nav would
only be required at the SSH client end. A patch for SSHD is on the
TODO list.

Zot O'Connor