
- #SETTING UP REVERSE SSH TUNNEL LINUX HOW TO#
- #SETTING UP REVERSE SSH TUNNEL LINUX PC#
- #SETTING UP REVERSE SSH TUNNEL LINUX WINDOWS#
You can actually accomplish this with a single SSH tunnel between the two Linux servers, more specifically from the one on Network A to the one on Network B (the direction in which it can SSH).

Assuming you want to remote desktop into the Remote Windows machine (the one on the side of Network B), then you need a direct SSH tunnel. (A reverse SSH tunnel would be if you wanted to expose a service from a machine in network A to machines in network B through this SSH connection initiated on the Linux server in network A.)

To understand how to set this up, let's assign some IP addresses and names to the machines and interfaces involved. Otherwise, it's hard to understand which exact addresses and names go where.

Let's use these addresses for the local network: Windows PC Local, Linux Server.

Then these addresses for the remote network: Linux Server, Windows PC Remote.

Visualizing only the interconnect between the two Linux servers: Linux Server.

So, in order to create an SSH tunnel that will allow you to connect to the remote Windows machine, this is what you need:

linrouter4$ ssh -L 192.168.10.4:3389:remote76.lan:3389

Once that SSH connection is established, from Windows machine workstation7 you can open an RDP connection to linrouter4 on the default port, and what you'll get is a forwarded connection to Windows machine remote76.lan on the remote host.

The tunnel is configured using the -L flag to SSH, which takes up to 4 addresses or ports separated by colons. The first pair indicates the address and port where to receive connections on the local host. The IP address needs to be an address configured on an interface on the local host, of course, otherwise the host wouldn't be able to receive connections at that address. We're using linrouter4's address in the local network, so that other machines in the local network will be able to access that tunnel. We're using the default port of 3389, so our RDP client can connect on the default port.

In /etc/ssh/sshd_config for Computer B set:

AllowTcpForwarding yes

From Computer A:

$ ssh -R 2222:localhost:22 ip.of.computer.b

Note that 2222 is an arbitrary high-port number I picked. That port on Computer B will then be tunneled back through the SSH connection initialized on Computer A to port 22. If you have multiple machines you should use a different port for each machine.

For your use case you will probably want to run this from a script so that you can make it a daemon and periodically try to re-connect if the link is dropped. You will probably want a special account with a shell of just /bin/true on Computer B to handle the incoming connections. You can then set up either a single key or multiple keys for each machine that are allowed to "call home".

On Computer A you might find the -n, -N and -T options useful to disconnect it from local input (so it can run in the background), not try to run any remote command, just open the tunnel, and not create a tty.

Most normal methods of spawning a daemon don't work very well with setting up a network tunnel like this. A problem in network connectivity would make it try to beat the wall down to get through. A simple loop with a sleep to wait should do the trick. Ten minutes is a nice number because it doesn't flood the network and log files with attempts if there is a problem (like Computer B being offline) but it still gets you back in reasonably quickly if the connection is dropped.

ssh -nNT -R 2222:localhost:22 ip.of.computer.b

A script like that can be launched on boot from /etc/rc.local. Your first chance to log into the machine will start about ten minutes after Computer A boots.
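The reconnect loop described in this section (sleep, then ssh -nNT -R), written out as an added example; it is not code from the original page. The host and ports reuse the page's values, while the "tunnel" account name, the variable names and the keep-alive options are assumptions made for the example.

```shell
#!/bin/sh
# Added example: keep the reverse tunnel from Computer A to Computer B alive.
# Host and ports are the page's values; the "tunnel" account, the variable
# names and the keep-alive options are assumptions made for this example.
REMOTE_HOST="${REMOTE_HOST:-ip.of.computer.b}"
REMOTE_USER="${REMOTE_USER:-tunnel}"   # restricted account on Computer B
REMOTE_PORT="${REMOTE_PORT:-2222}"     # port opened on Computer B, one per machine
LOCAL_PORT="${LOCAL_PORT:-22}"         # sshd on Computer A
RETRY_DELAY="${RETRY_DELAY:-600}"      # ten minutes between attempts
MAX_ATTEMPTS="${MAX_ATTEMPTS:-0}"      # 0 = retry forever
SSH_BIN="${SSH_BIN:-ssh}"

# Accept only a decimal TCP port (1-65535) so nothing else reaches the ssh command line.
valid_port() {
    case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the -R forwarding spec, or fail if either port is malformed.
tunnel_spec() {
    valid_port "$REMOTE_PORT" && valid_port "$LOCAL_PORT" || return 1
    printf '%s:localhost:%s\n' "$REMOTE_PORT" "$LOCAL_PORT"
}

# Sleep, connect, and repeat whenever ssh returns (link dropped or setup failed).
tunnel_loop() {
    spec=$(tunnel_spec) || { echo "invalid port setting" >&2; return 2; }
    attempts=0
    while [ "$MAX_ATTEMPTS" -eq 0 ] || [ "$attempts" -lt "$MAX_ATTEMPTS" ]; do
        sleep "$RETRY_DELAY"
        attempts=$((attempts + 1))
        # BatchMode: never prompt for a password, key authentication only.
        # ExitOnForwardFailure: exit if the port cannot be bound on Computer B,
        # instead of holding a session that forwards nothing.
        # ServerAlive*: notice a dead link within about 90 seconds.
        "$SSH_BIN" -nNT -o BatchMode=yes -o ExitOnForwardFailure=yes \
            -o ServerAliveInterval=30 -o ServerAliveCountMax=3 \
            -R "$spec" "${REMOTE_USER}@${REMOTE_HOST}" ||
            echo "tunnel attempt $attempts ended with status $?" >&2
    done
}

# Started from /etc/rc.local as "<this script> run &"; does nothing without "run".
case "${1:-}" in run) tunnel_loop ;; esac
```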
