-
The StackOverflow discussion What's ssh port forwarding and what's the difference between ssh local and remote port forwarding [duplicate] has a good visual comparison/explanation of the difference between the
ssh -L(-Lstands for local) andssh -R(-Rstands for remote). -
sshtunnel is a Python implementation of SSH tunnel (based on paramiko) .
SSH Tunnel
You can create a SSH tunnel from your local machine to a server using the command below.
ssh -i /path_to_key -fND 1080 user@server_ip
The created SSH tunnel is essentially a socks5 proxy
and can be accessed as localhost:1080.
If you want the tunnel (socks5 proxy) to be accessible by other machines as well
rathe than the localhost only,
you can bind it to all IPs.
ssh -i /path_to_key -fND "*:1080" user@server_ip
You can verify that the tunnel (socks5 proxy) is working using the following command.
netstat -tlnp
Or you can try to visit a website using curl through the socks5 proxy.
curl --socks5 localhost:1080 www.google.com
Reverse SSH Tunnel
ssh -fN -L 8888:localhost:8888 user@domain.com
ssh -o ProxyCommand='ssh <bastion_server> -W %h:%p' -R 20000:localhost:22 <target_server>
For more discussions, please refer to reverse-ssh-tunneling , how-does-reverse-ssh-tunneling-work and what-is-reverse-ssh-port-forwarding .
Advanced Usage 1: SSH into a Server Using Proxy
ssh -o ProxyCommand='ssh bastion_server -W %h:%p' target_server
Advanced Usage 2: SSH Tunnel to Avoid 2FA
Suppose you have 2 machines A and B. Machine B is only accssible from machine A using SSH through 2FA. You can create and persist a SSH tunnel from machine A to machine B (2FA is still required when creating the SSH tunnel). Then you can avoid 2FA when connecting from machine A to machine B by using the created SSH tunnel as socks5 proxy through tools such as ProxyChains.
If you do not want to rely another another tools (such as ProxyChains), you can configure SSH to persist and reuse connections. For more discussions on this, please refer to the SSH Tunnel - Multiplexing / ControlMaster .
Advanced Usage 3: Access Service in an Indirectly Accessible Remote Server
Suppose you have 2 machines A and B. Machine B cannot visit the public network nor machine A. However, machine B is accssible (directly or via a bastion server) from machine A using SSH and machine A can visit the public network. You can follow the steps below to access service running on machine B.
-
Start the service on machine B if it is not already running. Let use the JupyterLab server as an example here, and assume it is running on the port 8888 on machine B.
-
Run the following command on machine A to forward visits of the port 3333 on machine A to the port 8888 on machine B.
ssh -fNL 3333:localhost:8888 ip_of_machine_b -
You can then visit
ip_of_machine_a:3333to access the JupyterLab service running on machine B.
Advanced Usage 4: SSH Reverse Tunnel + SSH Tunnel
ssh -o ProxyCommand='ssh bastion_server -W %h:%p' -R 20000:localhost:22 target_server
Advanced Usage 5: SSH Reverse Tunnel + SSH Tunnel
Suppose you have 2 machines A and B. Machine B cannot visit the public network nor machine A. However, machine B is accssible (directly or via a bastion server) from machine A using SSH and machine A can visit the public network. You can follow the steps below to access the public network from machine B.
-
Create a Reversed SSH tunnel from machine A to machine B.
ssh -i /path_to_key -o ProxyCommand='ssh bastion_server -W %h:%p' -R 20000:localhost:22 ip_of_machine_b -
Create a SSH Tunnel on machine B.
ssh -i /path_to_key -fND 1080 localhost -
Use the created SSH Tunnel as a socks5 proxy to visit the public network via proxychains.
proxychains pip3 install pytorch