![]() Ssh -L sourcePort:forwardToHost:onPort connectToHost means: connect with ssh to connectToHost, and forward all connection attempts to the local sourcePort to port onPort on the machine called forwardToHost, which can be reached from the connectToHost machine. Local: -L Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side. The machine, where the ssh tunnel command is typed is called »your host«. Tips on using ControlMaster to maintain your tunnel. ![]() Expose the reverse endpoint on a non-localhost IP.The -W option is used to open a connection to a remote host in order to continue the SSH conversation. Prox圜ommand ssh -fWlocalhost:22222 yourpublichost The firewalleduser field must match your username on the remote server, but firewalledhost can be any name that suits you, the name doesn't have to match anything resolvable, since your connection is governed by Hostname and Port.Īlternately, if you want to reach this from elsewhere on the Internet, you might add the following to your ~/.ssh/config: host firewalledhost If you're going to be accessing this host on a regular basis, you can also simplify access by adding a few lines to your ~/.ssh/config file on yourpublichost: host firewalledhostĪdjust firewalledhost and firewalleduser to suit. Then you'll get a password challenge for the username account (unless you've set up keys for passwordless login). Now that the -R service tunnel is active, you can connect to it from yourpublichost, establish a connection to the firewalled host through the tunnel: ssh -p 22222 get a host key challenge, as you've probably never hit this host before. ![]() (Note that if you intend to leave a connection open long term, unattended, possibly having it automatically refresh the connection when it goes down (by parsing ssh -O check ), I recommend using a separate, unique SSH key for it that you set up for just this tunnel/customer/server, especially if you are using RemoteForward. There will be a password challenge unless you have set up a key for a passwordless login.
0 Comments
Leave a Reply. |