SSH tunneling and port forwarding snippets and utils
SSH local-port-forwarding. You want to be able to access a service or website that your firewall is preventing you from accessing but you know it is available from the remote server.
- Definition
ssh -fNL LOCAL-IP:LOCAL-PORT:REMOTE-IP:REMOTE-PORT username@remote-host
ssh -fNL LOCAL-IP:LOCAL-PORT:REMOTE-URL:REMOTE-PORT username@remote-host
- Examples
# Example 1
# If you want to access a service that is running on the remote server port 8888,
# but there is a firewall that is preventing you from accessing the port 8888 from the browser.
# For example you would like to do this from the browser but cannot, remote-host:8888
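# After running the following command you can access the service from your local browser, localhost:8080
# Note: the 0.0.0.0 bind address also lets other hosts that can reach your machine connect to port 8080; use 127.0.0.1 to keep it local.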
$ ssh -NL 0.0.0.0:8080:localhost:8888 username@remote-host
# Example 2
# If you are not able to access google.com from your local system but the remote server is able to access it.
# After running the following command you can access the google.com from your local browser, localhost:8080
$ ssh -NL 0.0.0.0:8080:google.com:80 username@remote-host
- Option Combinations
-L: Local port forward and open a remote shell.
-NL: Local port forward but do not open a remote shell.
-fNL: Local port forward, do not open remote shell, and send this into the background.
One use case for remote port-forwarding is when a local machine is stuck behind a VPN or firewall and needs to be accessed by a remote machine. Plain ssh will suffice, but we use autossh to keep the connection reliably open for a long period of time.
Open up the ssh port on the first machine so that it can be accessed by the second machine. We will use first, second and third to refer to the same machines in all examples.
- The following command should be run on the first machine.
- Autossh requires two additional echo ports on the second machine. Autossh uses these two ports to check if the connection is alive or not. So in all, the second machine must open three ports in the firewall for autossh to work. For this example we use the following ports:
- ACCESS_PORT = 8080
- ECHO_PORT_1 = 20000
- ECHO_PORT_2 = ECHO_PORT_1 + 1 (20001) (This is done automatically by autossh if not manually set).
- The command that needs to be run on the first machine is of the following form:
# Usage
$ autossh -M ECHO_PORT_1 -fNR IP-ON-SECOND:ACCESS_PORT:IP-ON-FIRST:SSH-PORT second-user@second-host
# Example
$ autossh -M 20000 -fNR 0.0.0.0:8080:localhost:22 second-user@second-host
- The command that needs to be run on the second machine to access the first machine via ssh is of the following form:
# Usage
$ ssh first-user@second-host -p ACCESS_PORT
# Example
$ ssh first-user@localhost -p 8080
### OR
$ ssh [email protected] -p 8080
- The command that needs to be run by a third machine trying to gain access to the first machine via the second machine is of the following form:
# Usage
$ ssh first-user@second-host -p ACCESS_PORT
# Example
$ ssh first-user@second-host -p 8080
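Whether the third machine can reach ACCESS_PORT depends on the GatewayPorts setting of sshd on the second machine, not only on the 0.0.0.0 bind address passed to -R. The following is an added example, not part of the original gist: a shell sketch (the function names remote_listen_addr and reachable_from_third_machine are hypothetical) that applies the rules documented in ssh(1) and sshd_config(5), assuming IPv4 addresses or hostnames only.

```shell
#!/bin/sh
# Added example: predict where sshd on the second machine listens for a -R forward.
# Assumption: IPv4 addresses or hostnames only (no bracketed IPv6).

# remote_listen_addr SPEC [GATEWAYPORTS]
#   SPEC          the -R argument, e.g. 0.0.0.0:8080:localhost:22
#   GATEWAYPORTS  sshd_config value on the second machine: no (default), yes, clientspecified
# Prints "loopback", "all-interfaces", or the specific bind address.
remote_listen_addr() {
    spec=$1
    gw=${2:-no}
    # Count colon-separated fields without external tools.
    rest=$spec; fields=1
    while [ "$rest" != "${rest#*:}" ]; do rest=${rest#*:}; fields=$((fields + 1)); done
    case $fields in
        3) has_bind=0; bind= ;;              # port:host:hostport
        4) has_bind=1; bind=${spec%%:*} ;;   # bind_address:port:host:hostport
        *) echo "unsupported spec: $spec" >&2; return 2 ;;
    esac
    case $gw in
        no)  echo loopback ;;                # a non-loopback bind_address is not honoured
        yes) echo all-interfaces ;;          # wildcard is forced, whatever the client asked
        clientspecified)
            if [ "$has_bind" -eq 0 ]; then
                echo loopback
            else
                case $bind in
                    ''|'*'|0.0.0.0)      echo all-interfaces ;;
                    localhost|127.0.0.1) echo loopback ;;
                    *)                   echo "$bind" ;;
                esac
            fi ;;
        *) echo "unknown GatewayPorts value: $gw" >&2; return 2 ;;
    esac
}

# Succeeds (exit 0) when hosts other than the second machine can connect.
reachable_from_third_machine() {
    addr=$(remote_listen_addr "$1" "${2:-no}") || return 2
    [ "$addr" != loopback ]
}

# Constructed demo: the gist's -R spec against each server setting.
for gw in no yes clientspecified; do
    printf 'GatewayPorts %-15s -> %s\n' "$gw" "$(remote_listen_addr 0.0.0.0:8080:localhost:22 "$gw")"
done
```

The value actually in force on the second machine can be read with `sshd -T | grep -i gatewayports`, run as root. Leaving it at `no` keeps the tunnel reachable only from the second machine itself, which limits who can reach the first machine's ssh port.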
We can use ssh-local-port-forwarding to have access to a single REMOTE IP:PORT being redirected to a LOCAL IP:PORT. However, dynamic port forwarding (ssh -D) can forward all REMOTE IP:PORT combinations through a single LOCAL PORT. This means that if you set up a SOCKS proxy on your LOCAL PORT, then accessing abc.com on your LOCAL machine would reach abc.com as seen from the REMOTE machine.
The bash commands to make this work are shown below.
- https://askubuntu.com/questions/112177/how-do-i-tunnel-and-browse-the-server-webpage-on-my-laptop
- https://superuser.com/questions/819714/chrome-ssh-tunnel-forwarding
- Use one terminal and run the ssh port forwarding command.
- Use another terminal and open a browser using SOCKS proxy.
- The example uses port 8080.
- This command does not run in the background. You can look up ssh --help for running the command in the background.
$ ssh -ND 8080 username@remotehost
- Install Chromium browser which makes it easy to create a proxy server session.
- Create a proxy session with localhost:PORT; the example uses port 8080.
- This command does not run in the background and opens a chromium browser session with the proxy enabled.
- Warning: Every URL that you access using this proxy session will be as if you are accessing them from the REMOTE Machine, therefore use this session specifically for the URLs that you intend to use.
$ sudo apt-get install chromium-browser
$ chromium-browser --proxy-server="socks5://localhost:8080"
In the remote port-forwarding case, I can ssh to the first machine on the second machine with ssh first-user@second-host -p ACCESS_PORT. But when trying to ssh to the first machine on a third-party machine, I got
ssh: connect to host IP-ON-SECOND- port ACCESS_PORT: Connection refused
error. The ssh version is OpenSSH_8.2p1 Ubuntu-4ubuntu0.4, OpenSSL 1.1.1f 31 Mar 2020.