Create SSH tunnels

From ezUnix
Jump to: navigation, search
                                    pdf_icon.png Download this article as a single PDF document 

SSH tunnels

Introduction

Tunneling is one of the neatest functions of SSH.
It's sometimes desired to tunnel protocols through an SSH tunnel to a remote host, for instance SMTP, to avoid cumbersome limitations.
Here is info on how to do this.

Requirements

SSH on local host and SSH server to connect to.


Execution

Here's an example of ssh command to tunnel SMTP over ssh via remotehost to a different remote server - host_to_foward.

ssh -C -g -l myusername remote_ssh_server -L 10025:host_to_forward:25'

remote_ssh_server - hostname or IP of the SSH server we connect to.
-C turns on compression using the same algorithm as gzip.
-g Allows remote hosts to connect to local forwarded ports.
-l lets us specify username.
-L Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side.

So if we ran command like this:

#  ssh -C -g -l yazzy shell.host.com -L 10025:mail.host.com:25

This would create an SSH tunnel from our computer to the shell.host.com server.
The the shell.host.com server would forward all the requests coming in from the tunnel to port 25 (smtp) on mail.host.com.
This means we can on our computer (localhost) connect to port 10025 and then we will "talk" to mail.host.com's port 25!

Another example:
To set up SSH tunnel to a remote HTTP Proxy you can run:

# ssh -C2TnN -L 8080:localhost:8888 username@remotehost.tld

Where 8080 is the port on the local computer and 8888 would be the port of the remote HTTP proxy.


That's all folks.

YazzY


<comments />

Yolanda said ...

<comment date="2012-07-12T02:57:27Z" name="Yolanda"> I personally shloud say the fact that your current web site content and articles is very beneficial. It's not easy to manage these types of top notch in the blog. Stick to the great work. </comment>

Diyar said ...

<comment date="2012-07-14T09:04:23Z" name="Diyar"> One should state the fact that your cunerrt site post is extremely great. It's not simple to retain these types of high quality in the blog. Keep up the good job. </comment>

Troy said ...

<comment date="2013-01-10T08:00:55Z" name="Troy"> July 5, 2011 11:55 am by Jacqueline Dwyer Why do we play into the sterotype of what orthes' think of us?I am Royalty, I am mother earth, I am Giver of LIfe, I am Creation most essential Glue, why would I think of myself in any inferior way.The caucasian women wants to look like me. They have gone through many processes even surgery to look like me. Why would I want to be anything else but me!We were well made, with all the essential tools to sustain and exist! I am truly proud of that so I celebrate me a beautiful, goddess with essential responsibility of maintaining that.Afrikan people wake up and stop playing into the sterotype of insulting yourselves.Peace </comment>

Swarup said ...

<comment date="2013-01-10T08:41:26Z" name="Swarup"> Recursive remote diff:cd {local-dir}for i in `find {subdir} -type f ` ; do echo "=== $i ===" ; ssh {remote-user}@{remote-host} "cat {remote-dir}/$i" | diff {local-dir}/$i ; doneExample:cd ~/root-of-my-local-project-dirfor i in `find app/controllers/ -type f ` ; do echo "=== $i ===" ; ssh "cat root-of-remote-project-dir/$i" | diff ~/root-of-my-local-project-dir/$i ; doneNote: {subdir} can be "." if you want eyihvtreng from {local-dir} </comment>

Lyka said ...

<comment date="2013-01-10T09:14:20Z" name="Lyka"> January 30, 2011 11:16 pm by Hi Yolanda,Great post about diaspora folks in Mexico. I just moved to Mexico City (TODAY) and would love to cnceont with people here. I do corporate partnerships for an international agriculture institute based here. It would be great to share knowledge maybe over coffee.Thanks! </comment>