Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| elosys:ssh_tunneling [2024/03/30 15:47] – created nadir | elosys:ssh_tunneling [2024/03/30 21:32] (current) – nadir | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== SSH Port Forwarding (Tunneling) ====== | ====== SSH Port Forwarding (Tunneling) ====== | ||
| + | |||
| + | {{ : | ||
| **SSH** (Secure Shell) is a widely used protocol for system administration and file transfer. It provides secure encrypted communication between two hosts over an insecure network. One of the key features of **SSH** is **port forwarding**, | **SSH** (Secure Shell) is a widely used protocol for system administration and file transfer. It provides secure encrypted communication between two hosts over an insecure network. One of the key features of **SSH** is **port forwarding**, | ||
| Line 94: | Line 96: | ||
| ===== Remote Port Forwarding ===== | ===== Remote Port Forwarding ===== | ||
| + | | ||
| ==== Definition and Usage ==== | ==== Definition and Usage ==== | ||
| + | |||
| + | * Remote port forwarding forwards traffic from a port on the SSH server to the local machine. | ||
| + | |||
| ==== Examples ==== | ==== Examples ==== | ||
| + | |||
| === Sharing Local Web Application === | === Sharing Local Web Application === | ||
| + | |||
| + | <cli> | ||
| + | ssh -R 7000: | ||
| + | </ | ||
| + | |||
| + | * This command forwards traffic from port 7000 on the remote server to port 8000 (web application) on the local machine. | ||
| + | |||
| + | |||
| + | * Users can access the web application hosted on the local machine by visiting **http:// | ||
| + | |||
| === Configuring Remote Access to Local Resources === | === Configuring Remote Access to Local Resources === | ||
| + | |||
| + | |||
| + | <cli> | ||
| + | ssh -R 8080: | ||
| + | |||
| + | </ | ||
| + | |||
| + | |||
| + | * This command forwards traffic from port 8080 on the remote server to port 8000 (web application) on the local machine at IP **192.168.100.1**. | ||
| + | |||
| + | |||
| + | * Allows remote access to a locally hosted web application. | ||
| + | |||
| ===== Dynamic Port Forwarding ===== | ===== Dynamic Port Forwarding ===== | ||
| Line 107: | Line 136: | ||
| ==== Definition and Usage ==== | ==== Definition and Usage ==== | ||
| + | |||
| + | |||
| + | |||
| + | * Dynamic port forwarding creates a SOCKS proxy on the local machine, allowing traffic to be forwarded through the SSH server dynamically. | ||
| + | |||
| ==== Configuring Dynamic Port Forwarding ==== | ==== Configuring Dynamic Port Forwarding ==== | ||
| + | |||
| + | |||
| + | <cli> | ||
| + | ssh -D 4000 user@example.com | ||
| + | </ | ||
| + | |||
| + | * This command creates a SOCKS proxy on port 4000 on the local machine, using the **SSH** server as a gateway. | ||
| + | |||
| + | |||
| + | * Applications can be configured to use this proxy for secure communication. | ||
| + | |||
| ==== Applications and Settings ==== | ==== Applications and Settings ==== | ||
| - | ===== Additional Tips and Best Practices ===== | ||
| + | * Configure application settings to use **SOCKS** proxy. | ||
| + | * Consider using browser extensions for easy proxy setup. | ||
| + | |||
| + | |||
| + | ===== Additional Tips and Best Practices ===== | ||
| + | |||
| + | | ||
| ==== Disabling Shell and Running in Background ==== | ==== Disabling Shell and Running in Background ==== | ||
| + | |||
| + | * Use **-N** flag to disable shell when not needed. | ||
| + | |||
| + | |||
| + | * Use **-f** flag to run SSH in the background. | ||
| ==== Considerations for Proxy Usage ==== | ==== Considerations for Proxy Usage ==== | ||
| + | |||
| + | * Avoid running **HTTP** servers on remote machines when using SSH as a **proxy**. | ||
| + | |||
| + | |||
| + | ---- | ||
| - | ==== Security Considerations ==== | ||
| + | --- // | ||