Jun 182011
 

ssh Today I present another excellent article by Domenico Raffaele originally presented in his blog (in Italian) where you can find many other interesting articles about hacks and VoIP. This is his second article about ssh.

Here you’ll see some example of SSH Port Forwarding, sometimes called SSH Tunneling, which allows you to establish a secure SSH session and then tunnel arbitrary TCP connections through it. Tunnels can be created at any time, with almost no effort and no programming, which makes them very appealing.




Local Port Forwarding

Running on host1:

# ssh -g -L 8080:www.voipandhack.it:80 host2

ssh will start a connection with host2,  listening on port 8080 and redirect all attempts to connect to that port to the server host2 sshd, which in turn redirect to port 80 of www.voipandhack.it.

Firefox ---> host1:8080 ssh ====== host2:22 sshd ---> wwww.voipandhack.it:80

So on the browser, the website http://host1:8080 will look like the homepage of di www.voipandhack.it

not considering the flag -g, ssh will listen only on local connection on 127.0.0.1

Remote Port Forwarding

Runnin on host1:

# ssh -R 8080:mywebserver:80 host2

The sshd server on host2, when accepting a connection,  will listen on port 8080, and will forward each packet destined to that port to the client ssh of host1, which in turn will forward it to port 80 of mywebserver

mywebserver:80 <--- host1 ssh ====== host2:22 sshd:8080 <--- Firefox

In this way, people who are pointing their browsers to http://host2:8080 can visit the internal webserver

Popular Posts:

Flattr this!

  3 Responses to “More SSH Port Forwarding”

  1. salve

    bel articolo semplice ed efficace!

    sapreste indicarmi come posso ricreare in automatico questo tunnel in caso di disconnessione?

  2. Thank you for this great guide, it was helpful! For checking if the ports are open remotely I use http://www.openportchecker.net/

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)

*