ssh Tunneling For Specific IP:port combo - SSH

This is a discussion on ssh Tunneling For Specific IP:port combo - SSH ; Imagine the following topology: Laptop Firewall INTERNET sshd Server | | Server@IP ort (To make this simple, assume everything is running FreeBSD or Linux.) Here are the operating conditions: - Laptop wants to get to IP ort - But Firewall ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: ssh Tunneling For Specific IP:port combo

  1. ssh Tunneling For Specific IP:port combo

    Imagine the following topology:


    Laptop <-> Firewall <-> INTERNET <-> sshd Server
    |
    |
    Server@IPort

    (To make this simple, assume everything is running FreeBSD or Linux.)


    Here are the operating conditions:

    - Laptop wants to get to IPort
    - But Firewall is blocking outbound access to IPort
    - Firewall does allow outbound ssh connections
    - sshd Server has no restrictions on Net access one you're logged in

    So ...

    How do I invoke the ssh client on Laptop to establish a tunnel via
    sshd Server to get to IPort? I know how to do this when the
    desired service is hosted on sshd Server itself. It's the "getting
    to somewhere else on the net via that sshd Server" that has me stumped.

    TIA,

  2. Re: ssh Tunneling For Specific IP:port combo

    Tim Daneliuk wrote:
    > Imagine the following topology:
    >
    >
    > Laptop <-> Firewall <-> INTERNET <-> sshd Server
    > |
    > |
    > Server@IPort
    >
    > (To make this simple, assume everything is running FreeBSD or Linux.)
    >
    >
    > Here are the operating conditions:
    >
    > - Laptop wants to get to IPort
    > - But Firewall is blocking outbound access to IPort
    > - Firewall does allow outbound ssh connections
    > - sshd Server has no restrictions on Net access one you're logged in
    >
    > So ...
    >
    > How do I invoke the ssh client on Laptop to establish a tunnel via
    > sshd Server to get to IPort? I know how to do this when the
    > desired service is hosted on sshd Server itself. It's the "getting
    > to somewhere else on the net via that sshd Server" that has me stumped.
    >
    > TIA,


    What you're describing is standard ssh port forwarding. Assuming the
    laptop is running OpenSSH, and the final destination you want to connect
    to is SomeServer.com, port 5000...

    ssh -L 9999:SomeServer.com:5000 username@SSHDserver

    Or if you want it to run in background and not open a command line to
    SSHDserver,

    ssh -N -L 9999:SomeServer.com:5000 username@SSHDserver &

    You then connect your application to localhost (or 127.0.0.1) port 9999.
    You can also make the local port the same as the remote port and I
    normally do this. I just made them different for the example so you know
    which port # refers to which IP.

    Chuck

  3. Re: ssh Tunneling For Specific IP:port combo

    Tim Daneliuk wrote:
    > How do I invoke the ssh client on Laptop to establish a tunnel via
    > sshd Server to get to IPort? I know how to do this when the
    > desired service is hosted on sshd Server itself. It's the "getting
    > to somewhere else on the net via that sshd Server" that has me stumped.


    Interestingly, this behaviour is exactly what is bothering me, but the
    ssh arguments to forward an arbitrary connection are as follows:

    ssh -N -L local_port:host.on.internetort user@sshd.server

    It may be easier to just do X forwarding, though. That way the apps run
    on the server while X if tunneled through the ssh connection.

    If your laptop is on a WiFI network with the sshd server and you're
    looking for a secure way to access the internet from the laptop through
    the server, you might want to look into OpenVPN. Steer clear of WEP,
    since it provides about as much security as a cartboard box.

    Steven.

  4. Re: ssh Tunneling For Specific IP:port combo

    Chuck wrote:
    > Tim Daneliuk wrote:
    >> Imagine the following topology:
    >>
    >>
    >> Laptop <-> Firewall <-> INTERNET <-> sshd Server
    >> |
    >> |
    >> Server@IPort
    >>
    >> (To make this simple, assume everything is running FreeBSD or Linux.)
    >>
    >>
    >> Here are the operating conditions:
    >>
    >> - Laptop wants to get to IPort
    >> - But Firewall is blocking outbound access to IPort
    >> - Firewall does allow outbound ssh connections
    >> - sshd Server has no restrictions on Net access one you're logged in
    >>
    >> So ...
    >>
    >> How do I invoke the ssh client on Laptop to establish a tunnel via
    >> sshd Server to get to IPort? I know how to do this when the
    >> desired service is hosted on sshd Server itself. It's the "getting
    >> to somewhere else on the net via that sshd Server" that has me stumped.
    >>
    >> TIA,

    >
    > What you're describing is standard ssh port forwarding. Assuming the
    > laptop is running OpenSSH, and the final destination you want to connect
    > to is SomeServer.com, port 5000...
    >
    > ssh -L 9999:SomeServer.com:5000 username@SSHDserver
    >
    > Or if you want it to run in background and not open a command line to
    > SSHDserver,
    >
    > ssh -N -L 9999:SomeServer.com:5000 username@SSHDserver &
    >
    > You then connect your application to localhost (or 127.0.0.1) port 9999.
    > You can also make the local port the same as the remote port and I
    > normally do this. I just made them different for the example so you know
    > which port # refers to which IP.
    >
    > Chuck


    Many thanks - just what I was looking for ...

+ Reply to Thread