SSH - SSH Tunneling
SSH Tunneling are useful for the following scenario
1. Bypassing firewall to access certain prohibited Internet services
2. Poor man VPN
In a nutshell, SSH tunneling is forwarding a specific local port to port at a remote machine over a encrypted tunnel created by SSH protocol connection.
While there are GUI SSH clients that help to setup SSH tunnel (ie, PuTTY), below are some ssh command that will do the same
In general, the ssh tunnel command format is
where
-f means executes command at background
-N means do not execute a remote command
username@your_ssh_server means your ssh connection information
-L local_port:remote_host:remote_port means your binding port information
For example, if a firewall policy blocks Google access, you can try to bypass the firewall through a SSH tunnel as follows
The above command set up a ssh tunneling via ssh_server.com that you have access. It forwards any request from localhost:12345 to www.google.com:80 through the ssh tunnel. So, when you type localhost:12345 at your favorite browser, it will fetch www.google.com:80 via the ssh tunnel.
Reference
http://en.wikipedia.org/wiki/Tunneling_protocol#Secure_shell_tunneling
http://www.revsys.com/writings/quicktips/ssh-tunnel.html
http://www.linuxjournal.com/content/ssh-tunneling-poor-techies-vpn
1. Bypassing firewall to access certain prohibited Internet services
2. Poor man VPN
In a nutshell, SSH tunneling is forwarding a specific local port to port at a remote machine over a encrypted tunnel created by SSH protocol connection.
While there are GUI SSH clients that help to setup SSH tunnel (ie, PuTTY), below are some ssh command that will do the same
In general, the ssh tunnel command format is
ssh username@your_ssh_server -f -N -L local_port:remote_host:remote_port
where
-f means executes command at background
-N means do not execute a remote command
username@your_ssh_server means your ssh connection information
-L local_port:remote_host:remote_port means your binding port information
For example, if a firewall policy blocks Google access, you can try to bypass the firewall through a SSH tunnel as follows
ssh abc@ssh_server.com -f -N -L 12345:www.google.com:80
The above command set up a ssh tunneling via ssh_server.com that you have access. It forwards any request from localhost:12345 to www.google.com:80 through the ssh tunnel. So, when you type localhost:12345 at your favorite browser, it will fetch www.google.com:80 via the ssh tunnel.
Reference
http://en.wikipedia.org/wiki/Tunneling_protocol#Secure_shell_tunneling
http://www.revsys.com/writings/quicktips/ssh-tunnel.html
http://www.linuxjournal.com/content/ssh-tunneling-poor-techies-vpn
Comments
Post a Comment