SSH port forwarding


From Linuxconfig.org


SSH port forwarding lets you create a very simple "VPN" that secures otherwise insecure protocols. To create an encrypted tunnel, an SSH client must be connected to an SSH server on a remote host. In this scenario we use SSH port forwarding to create an encrypted tunnel for a telnet connection.

Enable telnet server on remote host

Make sure that the telnet server is running on a remote host:

$ netstat -ant | grep 23


Create ssh tunnel to remote host

In this example you will open port 4500 on your local host and tunnel it to port 23 on your remote host. You do not have to do this as root: since we are using a port higher than 1024, an ordinary user can create this port forward. Keep in mind that the tunnel exists only while the ssh connection is running.

$ ssh -L 4500:127.0.0.1:23 linuxconfig.org


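At this point every connection to port 4500 on the localhost will be redirected to remote port 23. The traffic is encrypted between your machine and the SSH server; because the forward target is 127.0.0.1, the last hop to the telnet server stays on the remote host's loopback interface.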

Telnet to remote host via ssh port forwarding

Before we attempt to telnet to the remote host through the tunnel, we need to ensure that the tunnel is still running:

$ netstat -ant | grep 4500


Once we know that the tunnel is still running, we can telnet to local port 4500:

$ telnet localhost 4500
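
A stricter version of the netstat check above, added here as an example and not part of the original page: it matches the port exactly (a plain grep for 4500 also matches 45001) and reports whether the forwarded port listens only on loopback or on every interface. The function names and the sample netstat output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Sample data below is constructed.

# tunnel_cmd LOCAL_PORT REMOTE_PORT HOST
# Prints an ssh invocation that binds the forward to loopback explicitly,
# runs no remote command (-N) and fails if the local port cannot be bound.
tunnel_cmd() {
    printf 'ssh -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:127.0.0.1:%s %s\n' \
        "$1" "$2" "$3"
}

# listener_scope PORT
# Reads `netstat -ant` output on stdin and prints:
#   loopback - PORT is listening on 127.0.0.1 and/or ::1 only
#   exposed  - PORT is listening on a non-loopback address (0.0.0.0, ::, LAN IP)
#   none     - nothing is listening on PORT (the tunnel is down)
listener_scope() {
    awk -v port="$1" '
        $6 == "LISTEN" {
            n = split($4, part, ":")          # port is the last ":" field
            if (part[n] != port) next         # exact match, so 45001 != 4500
            addr = substr($4, 1, length($4) - length(part[n]) - 1)
            found = 1
            if (addr != "127.0.0.1" && addr != "::1") exposed = 1
        }
        END { print (exposed ? "exposed" : (found ? "loopback" : "none")) }
    '
}

# Constructed sample of `netstat -ant` output on the client.
SAMPLE='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:4500          0.0.0.0:*               LISTEN
tcp6       0      0 ::1:4500                :::*                    LISTEN
tcp        0      0 192.168.1.5:45001       203.0.113.7:22          ESTABLISHED'

tunnel_cmd 4500 23 linuxconfig.org
printf 'port 4500: %s\n' "$(printf '%s\n' "$SAMPLE" | listener_scope 4500)"
```

On a live system, pipe the real output in with `netstat -ant | listener_scope 4500`; a result of `exposed` means other hosts on the network can reach the tunnel entrance.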
