Ssh tunnel

 * http://blog.trackets.com/2014/05/17/ssh-tunnel-local-and-remote-port-forwarding-explained-with-examples.html


 * There are two ways to create an SSH tunnel: local and remote port forwarding.

local port forward
1. Imagine you’re on a private network which doesn’t allow connections to a specific server, imgur.com. To get around this, we can create a tunnel through a server (example.com) which can access imgur.com.
$ ssh -L 9000:imgur.com:80 user@example.com
 * This forwards your local port 9000 to imgur.com:80 through example.com.

2. You need to connect to a database on a server (example.com) which listens on port 5432 and only allows local connections. Forward your local port 9000 to the server's port 5432.
$ ssh -L 9000:localhost:5432 user@example.com
## connect to the db locally
$ psql -h localhost -p 9000

remote port forward
1. A web application on your local machine listens on port 3000, and you’d like to show it on the internet, but you don’t have a public IP. Expose your local port 3000 as port 9000 on example.com, which has a public IP.
$ ssh -R 9000:localhost:3000 user@example.com

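 * By default, SSH doesn’t allow remote hosts to connect to forwarded ports. To enable this, open /etc/ssh/sshd_config, add the line below, and restart the SSH service. With this setting, forwarded ports listen on all of the server's interfaces instead of only on loopback.
GatewayPorts yes
$ sudo service ssh restart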
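
To check what the GatewayPorts setting exposes, the following shell sketch (an added example, not from the original page or the linked blog post) reads an sshd_config and reports where a port opened with `ssh -R` would be reachable. The function names and the sample config are constructed for illustration; it inspects only the global section and does not evaluate `Match` blocks or `Include`d files.

```shell
#!/bin/sh
# Added example: where would a port opened with `ssh -R` be reachable?
# Reads only the global section of an sshd_config (stops at the first Match).

# effective_value KEYWORD DEFAULT FILE
# sshd keeps the FIRST value it reads for a keyword; keywords are
# case-insensitive and may be written "Key value" or "Key=value".
effective_value() {
    awk -v want="$1" -v def="$2" '
        BEGIN { want = tolower(want); val = def }
        /^[ \t]*#/ || /^[ \t]*$/ { next }       # comments and blank lines
        {
            sub(/^[ \t]+/, "")
            split($0, f, /[ \t=]+/)
            key = tolower(f[1])
            if (key == "match") exit             # conditional settings follow
            if (key == want) { val = tolower(f[2]); exit }
        }
        END { print val }
    ' "$3"
}

# audit_forwarding FILE -> one-word summary of remote-forward exposure
audit_forwarding() {
    fwd=$(effective_value AllowTcpForwarding yes "$1")
    gw=$(effective_value GatewayPorts no "$1")
    case "$fwd" in
        no|local) echo "remote-forwarding-disabled"; return 0 ;;
    esac
    case "$gw" in
        yes)             echo "all-interfaces" ;;
        clientspecified) echo "client-chooses-bind-address" ;;
        *)               echo "loopback-only" ;;
    esac
}

# Constructed sample config (not from the page): the lowercase line wins
# because it comes first; the Match block is ignored by this check.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
# constructed sample
Port 22
gatewayports yes
GatewayPorts no
Match User deploy
    GatewayPorts clientspecified
EOF

echo "GatewayPorts exposure: $(audit_forwarding "$SAMPLE")"
```

On a live server, `sshd -T` prints the effective configuration, including any `Match` and `Include` handling that this sketch skips.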

some tips
 * Every time we create a tunnel, we also SSH into the server and get a shell. This usually isn’t necessary, as you’re just trying to create a tunnel. To avoid this, we can run SSH with the -nNT flags:
$ ssh -nNT -L 9000:imgur.com:80 user@example.com


 * black magic of ssh