Tuesday 2 June 2009

SSH Tunnels

SSH tunnels can provide encrypted tunnels over the internet and also tunnel through many firewalls - effectively it is a VPN.

-R - connections to remote server will be tunneled
-2 - Use ssh version 2 (more secure)
-NX - Don't execute any remote commands, just create tunnel
-f - Background process
-C - use compression
# ssh -R 1234:local-server:80 username@remote-server
With the above command anyone trying to go to remote-server:1234 will be redirected to local-server:80 as seen from the machine initiating the ssh connection.

Autossh can be used to maintain a ssh tunnel, bringing it back up automatically if it fails.

Options as above with addition of:
-M - monitoring port to use
# autossh -2 -fN -M 2000 -R1234:localhost:80 user@remote-server

No comments:

Post a Comment