SSH bypassing Firewall and NAT
Just spent a while helping Jon Tremelling with his most recent Linux faux pas (for the future, Jon: don't ever run dd on the wrong device!).
Anyway, as per usual we have a problem with me trying to SSH around his router's closed and forwarded ports. This got me thinking about reverse SSH tunneling and if we could use my VPS as a middle man.
Through some Googling I found the SSH option -R, which lets you bind a port on the remote server and forward connections made to it to a host and port of your choice.
So let us run this command on the machine we are trying to reach, our destination machine, using my VPS (ivings.org.uk) as the middle man:
```
ssh -R 10022:localhost:22 middleman@ivings.org.uk
```

This opens and binds port 10022 on the VPS for listening, and all connections on that port are forwarded to port 22 of our destination. Now if I ssh to the VPS:

```
ssh james@ivings.org.uk
```

Then connect to the tunnel port:

```
ssh user@localhost -p 10022
```

Where `user` is our username for the destination, then we should be logged on through our tunnel, bypassing the destination machine's firewall and NAT. If you want to add extra security, then this situation should work fine with normal ssh keys instead of passwords.
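The second hop above goes to `localhost` because sshd's default `GatewayPorts no` binds `-R` listeners to loopback only. The script below is an added example, not part of the original post: it checks on the VPS that port 10022 really is loopback-only and not reachable from the internet. The function names and the two `ss -ltn` samples are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify the reverse-tunnel port on the VPS is loopback-only.
TUNNEL_PORT=10022   # tunnel port used in the post

# Constructed `ss -ltn` output: what the VPS shows with sshd defaults.
sample_loopback() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      128        127.0.0.1:10022      0.0.0.0:*
LISTEN 0      128            [::1]:10022         [::]:*
EOF
}

# Constructed `ss -ltn` output: the tunnel bound to every interface,
# as happens when GatewayPorts is enabled on the server.
sample_exposed() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      128          0.0.0.0:10022      0.0.0.0:*
EOF
}

# Reads `ss -ltn` output on stdin and prints one verdict for port $1:
#   loopback-only | exposed | not-listening
check_tunnel_exposure() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")
            if (parts[n] != port) next          # a different listener
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            seen = 1
            if (host != "127.0.0.1" && host != "[::1]") exposed = 1
        }
        END {
            if (!seen)        print "not-listening"
            else if (exposed) print "exposed"
            else              print "loopback-only"
        }'
}

# Offline demo on the samples; on the real VPS run:
#   ss -ltn | check_tunnel_exposure "$TUNNEL_PORT"
echo "defaults:     $(sample_loopback | check_tunnel_exposure "$TUNNEL_PORT")"
echo "GatewayPorts: $(sample_exposed | check_tunnel_exposure "$TUNNEL_PORT")"
```

An `exposed` verdict means anyone who can reach the VPS on port 10022 lands on the destination machine's SSH login, so the listener should be put back on loopback or firewalled.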