ssh reverse tunneling

March 16th, 2007 mysurface Posted in Admin, Network, ssh | Hits: 78560 | 11 Comments »

Recently I just discover how to perform ssh reverse tunneling, which is so amazing! I though I know enough about ssh, but ssh is capable of doing more than just connect to a remote server. You can find simple examples of accessing remote server through ssh here.

What is the usage for reverse tunneling?
Let say I have my server open ssh port to public, which means remote host from the Internet can access to my server through ssh. Another side, my friend’s machine do not open ssh port to public or his machine is behind the firewall.

With this condition, my friend can access my server, but I can’t login to his machine with conventional way. But, with ssh reverse tunneling, I can access to his machine.

How?
My friend’s (toydi) side need to create a reverse tunnel,
1. He create an user account for me as mysurface, uses useradd
2. Set a default password for mysurface user account, uses passwd
3. Setup ssh reverse tunnel

ssh -R 14443:localhost:22 toydi@mysurface.org

Assume that I already setup an account for toydi and my server domain name is mysurface.org.

-R means remote, remote port is set to 14443, forward to? my ‘localhost’ with port 22.

When it is done, toydi notify me and now from my side, login to his machine like this

ssh mysurface@localhost -p 14443

It looks like I am login to my own machine with local port 14443. But the truth is, I am login to toydi’s machine through ssh reverse tunnel that he provide me.

The tunnel is
toydi’s localhost:22 <----------------- mysurface's localhost:14443

I can do a dynamic tunneling to his machine too in this way,

ssh -D 4445 mysurface@localhost -p 14443

More about ssh dynamic tunneling examples here.

There are more usage and manipulations of how to use reverse tunnel, check out MikeyMcKay's Hacktivate blog.

11 Responses to “ssh reverse tunneling”

  1. nice article, i never know reverse tunnelling concept before :)

  2. I have’d understand…

    1) Computer A (can’t open ports)
    2) Computer B (can open ports)

    Computer A:
    - useradd: mickeymouse password: duck
    - ssh -R 14443:localhost:22 mickeymouse@remote_wan_ip_B

    Computer B:
    - useradd: mickeymouse password: duck
    - Router, I have public port and private port, I need to open 14443 (public) and 22 (private) ?
    - ssh remote_wan_ip_B@localhost -p 14443

    It is correct ?
    Best regards.
    GbMax78

  3. GbMax78: Computer B only needs to open port 22 as public, 14443 is just a private port used to create a reverse tunnel across port 22 back to Computer A.

    ComputerB:22 < ---------------ComputerA:45678(random port)

    ComputerB:14443----:22-------->ComputerA:45678

  4. Hi. Thanks for this information about “ssh reverse tunneling”. It’s workin fine!

    I just tried to make the remote machine (in your case your friend’s side) more secure using iptables. I want to let 2 connections open only:

    - port 22 for explicit IP (is needed in the remote LAN)
    - ssh reverse tunneling

    do you have any idea how the iptable rules should look like?

    thanks!

  5. @swaakaa: you may check out the examples at http://www.debian-administration.org/articles/187 . I think –hitcount is the one you are looking for.

  6. [...] ssh reverse tunneling [...]

  7. [...] article [SSH reserve tunnel] shows the method to complete the [...]

  8. Send Anonymous Emails – Hide your IP in E-mail headers. Supports Webmail services like Yahoo, Hotmail, and GMail. Mail clients supported with a Premium account include Outlook, Outlook Express, Eudora, and more!

  9. I have to show thanks to this writer just for rescuing me from this type of matter. Because of looking throughout the the web and finding tricks which were not helpful, I was thinking my life was done. Living devoid of the strategies to the issues you have sorted out by way of your main blog post is a crucial case, and ones that could have in a negative way damaged my entire career if I had not encountered your blog. Your personal competence and kindness in taking care of the whole lot was vital. I am not sure what I would have done if I had not discovered such a step like this. I can also now look forward to my future. Thanks for your time so much for your impressive and effective guide. I will not hesitate to recommend your web site to any person who needs direction about this area.

  10. I don’t even know the way I finished up here, but I believed this
    post was great. I don’t recognize who you are but certainly you are
    going to a famous blogger in the event you aren’t already.
    Cheers!

Leave a Reply