SSH Port Forwarding
SSH port forwarding, essentially, is the art of causing a port from one host to appear on another, using a connection through SSH.
Port forwarding can accomplish several goals at once, but one of the most compelling reasons to use the technique is that traffic to the forwarded port is encrypted.
============================
= 0. Environment: =
============================
Server: test.3322.org
Client1: 192.168.50.101
Client2: 192.168.50.102
============================
= 1. Local Port Forwarding =
============================
A. for localhost only
syntax: ssh -L ::
$ ssh -L 4000:localhost:3389 administrator@test.3322.org
Note: service is available on the loopback interface only, listening on port tcp/4000
$ sudo netstat -tlnp|grep 4000
tcp 0 0 127.0.0.1:4000 0.0.0.0:* LISTEN 4546/ssh
on , open RDP, type "localhost:4000", can connect to test.3322.org desktop
B. for anyone on the local subnet
$ ssh -L 4000:localhost:3389 -g administrator@test.3322.org
note: -g: GatewayPorts enabled
Note: service is available on all interfaces on your network, available for anyone to connect to on the local subnet
$ sudo netstat -tlnp|grep 4000
tcp 0 0 :::4000 :::* LISTEN 4561/ssh
on , open RDP, type "192.168.50.101:4000", can connect to test.3322.org desktop
=============================
= 2. Remote Port Forwarding =
=============================
A. for localhost only
syntax: ssh -R ::
$ ssh -R 4000:localhost:3389 administrator@test.3322.org
用于client1无法主动ssh连接到防火墙另一端的server,但从server可以发起ssh连接时使用
$ sudo netstat -tlnp|grep 4000
tcp 0 0 127.0.0.1:4000 0.0.0.0:* LISTEN 4546/ssh
B. for anyone on the local subnet
there’s no -g option for remote forward, so you need to change the SSH configuration of work.example.org, add to sshd_config:
GatewayPorts yes
$ ssh -R 4000:localhost:3389 administrator@test.3322.org
$ sudo netstat -tlnp|grep 4000
Note: service is available on all interfaces on your network, available for anyone to connect to on the local subnet
$ sudo netstat -tlnp|grep 4000
tcp 0 0 :::4000 :::* LISTEN 4561/ssh
============================
= 3. Dynamic Forwarding =
============================
$ ssh -D
建立socks代理服务
$ ssh -f -N -D 0.0.0.0:1080 localhost OR
$ ssh -f -g -N -D 1080 localhost
note: -f: let the command go into background as a daemon
-D: dynamic port forwarding
-N: makes sure ssh stays idle and doesn't execute any commands on localhost
0.0.0.0: all network
on Client2, using FireFox, in Tools-Options-Advanced-Network-Settings, set SOCKS Host: 192.168.50.101, Port: 1080;
Another possibility is to use another computer instead of your own as exit node. What I mean is you can do the following:
syntax: ssh -f -N -D 1080 other_computer.com
e.g. $ ssh -f -N -D 0.0.0.0:1080 test@shell.cjb.net
refrence:
阅读(2163) | 评论(0) | 转发(0) |
