Live Chat!
ssh reverse tunneling
March 16th, 2007 mysurface Posted in Admin, Network, ssh | Hits: 25991 |
Recently I just discover how to perform ssh reverse tunneling, which is so amazing! I though I know enough about ssh, but ssh is capable of doing more than just connect to a remote server. You can find simple examples of accessing remote server through ssh here.
What is the usage for reverse tunneling?
Let say I have my server open ssh port to public, which means remote host from the Internet can access to my server through ssh. Another side, my friend’s machine do not open ssh port to public or his machine is behind the firewall.
With this condition, my friend can access my server, but I can’t login to his machine with conventional way. But, with ssh reverse tunneling, I can access to his machine.
How?
My friend’s (toydi) side need to create a reverse tunnel,
1. He create an user account for me as mysurface, uses useradd
2. Set a default password for mysurface user account, uses passwd
3. Setup ssh reverse tunnel
ssh -R 14443:localhost:22 toydi@mysurface.orgAssume that I already setup an account for toydi and my server domain name is mysurface.org.
-R means remote, remote port is set to 14443, forward to? my ‘localhost’ with port 22.
When it is done, toydi notify me and now from my side, login to his machine like this
ssh mysurface@localhost -p 14443It looks like I am login to my own machine with local port 14443. But the truth is, I am login to toydi’s machine through ssh reverse tunnel that he provide me.
The tunnel is
toydi’s localhost:22 <----------------- mysurface's localhost:14443
I can do a dynamic tunneling to his machine too in this way,
ssh -D 4445 mysurface@localhost -p 14443More about ssh dynamic tunneling examples here.
There are more usage and manipulations of how to use reverse tunnel, check out MikeyMcKay’s Hacktivate blog.
April 8th, 2007 at 2:52 am
nice article, i never know reverse tunnelling concept before :)
April 13th, 2008 at 10:56 pm
I have’d understand…
1) Computer A (can’t open ports)
2) Computer B (can open ports)
Computer A:
- useradd: mickeymouse password: duck
- ssh -R 14443:localhost:22 mickeymouse@remote_wan_ip_B
Computer B:
- useradd: mickeymouse password: duck
- Router, I have public port and private port, I need to open 14443 (public) and 22 (private) ?
- ssh remote_wan_ip_B@localhost -p 14443
It is correct ?
Best regards.
GbMax78
April 13th, 2008 at 11:58 pm
GbMax78: Computer B only needs to open port 22 as public, 14443 is just a private port used to create a reverse tunnel across port 22 back to Computer A.
ComputerB:22 < ---------------ComputerA:45678(random port)
ComputerB:14443----:22-------->ComputerA:45678
June 25th, 2008 at 4:49 pm
Hi. Thanks for this information about “ssh reverse tunneling”. It’s workin fine!
I just tried to make the remote machine (in your case your friend’s side) more secure using iptables. I want to let 2 connections open only:
- port 22 for explicit IP (is needed in the remote LAN)
- ssh reverse tunneling
do you have any idea how the iptable rules should look like?
thanks!
June 25th, 2008 at 7:09 pm
@swaakaa: you may check out the examples at http://www.debian-administration.org/articles/187 . I think –hitcount is the one you are looking for.
July 10th, 2008 at 7:38 pm
[...] ssh reverse tunneling [...]
April 2nd, 2009 at 3:26 pm
[...] http://linux.byexamples.com/archives/238/ssh-reverse-tunneling/ [...]