m (Text replacement - "Category:Linux{{Navbox Linux}}" to "{{Navbox Linux}}Category:Linux")
m
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
 
Suppose you are inside a network that has no public IP address. If you are working on machineA, and you need to SSH in from outside the network, say from machineB, run the following on machineA:
 
Suppose you are inside a network that has no public IP address. If you are working on machineA, and you need to SSH in from outside the network, say from machineB, run the following on machineA:
  
machineA$ ssh -R 22222:localhost:22 user@machineB
+
{{highlight|lang=terminal|code=
 +
machineA$ ssh -R 22222:localhost:22 user@machineB
 +
}}
  
 
On machineB, you can now SSH to machineA by running:
 
On machineB, you can now SSH to machineA by running:
 +
{{highlight|lang=terminal|code=
 +
machineB$ ssh user@localhost -p 22222
 +
}}
  
  machineB$ ssh user@localhost -p 22222
+
The first command creates a SSH tunnel which will listen on 127.0.0.1:22222 on machineB that tunnels to localhost:22 on machineA. You should now be able to access machineB:22 by connecting to 127.0.0.1:22222 on machineA.
  
The first command creates a SSH tunnel which opens port 22222 on machineB that tunnels to machineA:22. You may extend this by replacing localhost with another host on the internal network in order to SSH in remotely to another host.
+
You can make the tunnel target a remote host by replacing {{code|localhost}} with another server.
 +
 
 +
You may make the tunnel bind on all addresses instead of {{code|127.0.0.1}} by ensuring that {{code|1=GatewayPorts = yes}} or {{code|1=GatewayPorts = clientspecified}} on machineB's SSH server and then specifying the bind address when connecting. Eg.
 +
{{highlight|lang=terminal|code=
 +
machineA$ ssh -R 0.0.0.0:22222:localhost:22 user@machineB
 +
}}
  
 
{{Navbox Linux}}[[Category:Linux]]
 
{{Navbox Linux}}[[Category:Linux]]

Latest revision as of 10:49, 4 November 2019

Suppose you are inside a network that has no public IP address. If you are working on machineA, and you need to SSH in from outside the network, say from machineB, run the following on machineA:

machineA$ ssh -R 22222:localhost:22 user@machineB

On machineB, you can now SSH to machineA by running:

machineB$ ssh user@localhost -p 22222

The first command creates a SSH tunnel which will listen on 127.0.0.1:22222 on machineB that tunnels to localhost:22 on machineA. You should now be able to access machineB:22 by connecting to 127.0.0.1:22222 on machineA.

You can make the tunnel target a remote host by replacing localhost with another server.

You may make the tunnel bind on all addresses instead of 127.0.0.1 by ensuring that GatewayPorts = yes or GatewayPorts = clientspecified on machineB's SSH server and then specifying the bind address when connecting. Eg.

machineA$ ssh -R 0.0.0.0:22222:localhost:22 user@machineB