Friday, January 11, 2013

ssh tunneling

The SSH tunneling (also know as port forwarding) is ability to access computer ip ports through third computer, assuming that direct access are forbidden and we have an ssh access to the third computer which has access to that port.

This kind of techniques can be used also to securely connect to remotes computer's only locally open ports. For example lets we have some server running on port 5432 on dbserver machine. There is no permission to connect to dbserver:5432 from outside, but we have an access to dbserver with ssh.
On our local computer by running the following
ssh -NC -L 1234: dbserver
the ssh will listen on local machine port 1234 and all data packets will forward to dbserver, where the ssh server will redirect them to
The -C option is for compressing the data, and the -N option for not executing any command remotely(by default ssh executes specified command or login to the shell)

By adding -f we can send ssh to background
ssh -NC -L 1234: -f dbserver

No comments:

Post a Comment