grplyler · September 16, 2020 20:42 · Sep 16, 2020 · Sep 16, 2020 · Sep 16, 2020 · Sep 16, 2020
diff --git a/ssh_tunnel_howto.md b/ssh_tunnel_howto.md
@@ -24,6 +24,8 @@ port `4444`.
 ssh -L 8080:localhost:4444 root@code.red.com
 ```
 
+If you have ssh access, this will log you in via SSH as usuall, BUT, it will also start listening on a local port `8080`.
+
 **Explanation**
 
 The `-L` instructs ssh to create a *local* port forward. Note, this is *local* to the remote machine, so that
@@ -32,3 +34,17 @@ can be a bit confusing at first.
 `8080` is the port on your local machine that will listen for connections and foward them to port `localhost:4444` on your server.
 
 `root@code.red.com` is the user account and domain of your server. You could easily use an IP address as well.
+
+**Tunneling without a shell**
+
+If you just want to forward the port, and dont need shell access, you can use the following command:
+
+```
+ssh -N -L 8080:localhost:4444 root@code.red.com
+```
+
+The `-N` just means, "no login" and ssh will continue to hold that connection until you `Ctrl-C` out of it.
+
+### Conclusion
+
+A nice perk of this methods is that your connection to whatever service is encrpted with the same security as an SSH connection. This allows you to securely access and potentially insecure service from the inside. There are also other kinds of SSH tunneling and port forwarding that I encourage you to look into, but those are beyond the scope of this little writeup.
diff --git a/ssh_tunnel_howto.md b/ssh_tunnel_howto.md
@@ -4,8 +4,31 @@
 
 **Use Case**
 
-Let's say you have secret service running on port 4444 of you server `code.red.com`
+Let's say you have secret service running on port `4444` of you server `code.red.com` that, I don't
+know, is a code scanner with a Web Interface. When you run that scanner, it fires up it's web GUI report
+and listens on a local port `4444`
+
+Now, you could open up port 4444 to to the world and just access it via `code.red.com:4444`. Or
+you could remote in via VNC for instance, but that would require a graphical desktop and a VNC service
+which can be frought with security issues.
+
+Instead, you can create an SSH tunnel as long as you have SSH credentials and access that will let you
+access that service on you local machine, via a forwarded, or tunneled port.
+
+**Creating the Tunnel**
+
+The following command will create an SSH tunnel from your machine, port 8080 to your server's *local*, not publically accessible
+port `4444`.
 
 ```
+ssh -L 8080:localhost:4444 root@code.red.com
+```
+
+**Explanation**
+
+The `-L` instructs ssh to create a *local* port forward. Note, this is *local* to the remote machine, so that
+can be a bit confusing at first.
+
+`8080` is the port on your local machine that will listen for connections and foward them to port `localhost:4444` on your server.
 
-```
+`root@code.red.com` is the user account and domain of your server. You could easily use an IP address as well.
diff --git a/ssh_tunnel_howto.md b/ssh_tunnel_howto.md
@@ -4,7 +4,7 @@
 
 **Use Case**
 
-Let's say you have a secret service
+Let's say you have secret service running on port 4444 of you server `code.red.com`
 
 ```
 

diff --git a/ssh_tunnel_howto.md b/ssh_tunnel_howto.md
@@ -1,6 +1,10 @@
 ## SSH Tunneling (Port Fowarding)
 
-**So**
+*AKA, Poor-mans VPN Method*
+
+**Use Case**
+
+Let's say you have a secret service
 
 ```
 

diff --git a/ssh_tunnel_howto.md b/ssh_tunnel_howto.md
@@ -0,0 +1,7 @@
+## SSH Tunneling (Port Fowarding)
+
+**So**
+
+```
+
+```
No results found