grplyler/ssh_tunnel_howto.md

Last active September 16, 2020 20:42

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/grplyler/916285f8532257c5a2b12a6414fd15a4.js"></script>
Save grplyler/916285f8532257c5a2b12a6414fd15a4 to your computer and use it in GitHub Desktop.

Download ZIP

SSH Tunneling (Port Forwarding)

Raw

ssh_tunnel_howto.md

SSH Tunneling (Port Fowarding)

AKA, Poor-mans VPN Method

Use Case

Let's say you have secret service running on port 4444 of you server code.red.com that, I don't know, is a code scanner with a Web Interface. When you run that scanner, it fires up it's web GUI report and listens on a local port 4444

Now, you could open up port 4444 to to the world and just access it via code.red.com:4444. Or you could remote in via VNC for instance, but that would require a graphical desktop and a VNC service which can be frought with security issues.

Instead, you can create an SSH tunnel as long as you have SSH credentials and access that will let you access that service on you local machine, via a forwarded, or tunneled port.

Creating the Tunnel

The following command will create an SSH tunnel from your machine, port 8080 to your server's local, not publically accessible port 4444.

ssh -L 8080:localhost:4444 root@code.red.com

Explanation

The -L instructs ssh to create a local port forward. Note, this is local to the remote machine, so that can be a bit confusing at first.

8080 is the port on your local machine that will listen for connections and foward them to port localhost:4444 on your server.

root@code.red.com is the user account and domain of your server. You could easily use an IP address as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment