 

How do I establish a bidirectional SSH Tunnel [closed]


Is it possible to do the following via an SSH tunnel...

  1. Host-1 establishes an SSH connection to a Remote Server
  2. I wish to log into the Remote Server and execute commands over SSH back on Host-1

Host-1 is a device that I will not have access to directly. Host-1 is set up to automatically establish an SSH connection to a remote server via cron. At any point while Host-1 has established an SSH connection to the Remote Server, I wish to log into the Remote Server in order to perform maintenance on Host-1 via SSH.

I am looking for an example of how this would work if it's possible.

Barry asked Apr 13 '13 03:04



1 Answer

Like this:

host1$  ssh -N -R 8822:localhost:22 remote.host.com 

The optional -N says "don't execute a command" (helpful to prevent accidents caused by leaving remote shells lying around).

Now from remote, you can SSH to host1 like this: (The remote port 8822 forwards to host1, but only on the loopback interface.)

remote$ ssh -p 8822 localhost 

For extra credit, you can export the forwarding to the whole world, allowing anyone to get to host1 by hitting remote's port 8822. (Note the extra initial colon.)

host1$  ssh -N -R :8822:localhost:22 remote.host.com 
BraveNewCurrency answered Sep 23 '22 16:09
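
A cron-friendly wrapper for the tunnel in the answer above, as an added example that is not part of the original post: it classifies the `-R` spec so an unattended job keeps the listener on loopback unless exposure is explicitly allowed, and it uses ssh options that make a broken tunnel exit instead of hanging. `REMOTE`, `SPEC`, `LOCK`, `ALLOW_EXPOSED` and the function names are hypothetical, and `flock` from util-linux is assumed to be installed on Host-1.

```shell
#!/bin/sh
# Added example (not from the original post). REMOTE, SPEC, LOCK and
# ALLOW_EXPOSED are hypothetical names; flock(1) from util-linux is assumed.
REMOTE="${REMOTE:-remote.host.com}"
SPEC="${SPEC:-8822:localhost:22}"
LOCK="${LOCK:-$HOME/.reverse-tunnel.lock}"

# Where does a -R [bind_address:]port:host:hostport spec ask the remote sshd
# to listen? Bracketed IPv6 literals and other -R forms are reported invalid.
bind_scope() {
    fields=$(printf '%s' "$1" | awk -F: '{ print NF }')
    case "$fields" in
        3) echo loopback; return 0 ;;   # no bind_address: loopback by default
        4) ;;
        *) echo invalid; return 1 ;;
    esac
    case "${1%%:*}" in
        ''|'*'|0.0.0.0) echo all-interfaces ;;  # the "extra initial colon" form
        localhost|127.0.0.1) echo loopback ;;
        *) echo specific-address ;;
    esac
}

# ssh command line for an unattended tunnel: BatchMode never prompts,
# ExitOnForwardFailure exits if the remote port cannot be bound, and the
# ServerAlive settings end a dead session after about 90 seconds.
tunnel_cmd() {
    echo "ssh -N -o BatchMode=yes -o ExitOnForwardFailure=yes" \
         "-o ServerAliveInterval=30 -o ServerAliveCountMax=3 -R $1 $2"
}

# Start the tunnel only when called as "<script> run", e.g. from cron.
if [ "${1:-}" = "run" ]; then
    scope=$(bind_scope "$SPEC") || { echo "bad -R spec: $SPEC" >&2; exit 2; }
    if [ "$scope" != loopback ] && [ "${ALLOW_EXPOSED:-0}" != 1 ]; then
        echo "refusing $SPEC: listener scope is $scope" >&2
        exit 3
    fi
    set -f  # no globbing when the command string is split into words
    # flock -n exits at once if an earlier cron run still holds the tunnel.
    exec flock -n "$LOCK" $(tunnel_cmd "$SPEC" "$REMOTE")
fi
```

Whether a non-loopback bind_address is honoured is decided by the `GatewayPorts` setting in the remote server's sshd_config, so the check here covers only what Host-1 requests.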