SSH local port forwarding
As I understand it, port forwarding means carrying the network traffic of a TCP port over an SSH connection, which also provides the corresponding encryption and decryption. It is mainly used when the target server cannot be accessed directly because of a firewall or for other reasons, and can only be reached by machines on the same LAN. In that case, port forwarding is required.
Principle
Host A needs to access host C, but the firewall blocks direct access. In this case, we reach server C through server B, and server B acts as a stepping stone.
Local port forwarding (experimental environment)
Host A 192.168.4.7
Host B 192.168.4.72
Host C 192.168.4.189
ssh -L 2222:192.168.4.109:22 -Nf 192.168.4.72
-L: the local port.
-f: run in the background.
-N: do not open a remote shell.
192.168.4.9:22 does not have to be port 22; any port can be used.
ps -aux | grep ssh (check whether the setting was successful)
ssh -p 2222 127.0.0.1
You have successfully logged on. You can check the IP address to confirm that you are logged on to the server.
SSH remote port forwarding
Remote port forwarding (assumed experimental environment)
Host A 192.168.4.130 (home)
Host B 192.168.4.72 (company)
Host C 192.168.4.189 (Public Network)
In principle, host A can access host C, but what if host C needs to access host A? In this case, a remote SSH tunnel is required. Because the company computer and the home computer are not on the same network segment and cannot communicate with each other, the forwarded port cannot be placed locally; it has to be placed on the remote machine.
Command: ssh -Nf -R 9906:localhost:22 192.168.4.189 // if no public key is set up for host 189, enter the password.
Check whether the listening port is enabled on host 189.
The listening port is now open on host 189, and connections to port 9906 on host 189 will be forwarded to host 130 at home.
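The two checks above (ps for the local forward, the listening port for the remote one) can be combined into a small audit of which forwards ssh clients on a machine have set up. This is an added example, not part of the original post: the names ssh_forwards and sample_lines and the last three sample lines are assumptions made for illustration. It goes slightly beyond the two commands shown by also handling attached arguments and an explicit bind address.

```shell
#!/bin/sh
# Added example: list -L / -R forwards found in ssh client command lines.
# Input: one command line per line, e.g. from `ps -eo args`.
# Assumes specs of the form [bind_address:]port:host:hostport (no IPv6, no sockets).
ssh_forwards() {
    awk -v ARGOPTS="bceilmopBDEFIJLOPQRSwW" '
    function emit(kind, spec, dest,    f, n, bind) {
        n = split(spec, f, ":")
        if (n == 4) { bind = f[1]; f[1] = f[2]; f[2] = f[3]; f[3] = f[4] }
        else if (n == 3) bind = "default"   # loopback unless GatewayPorts says otherwise
        else return                         # malformed or unsupported spec
        print kind, bind, f[1], f[2] ":" f[3], "via", dest
    }
    {
        np = split($1, p, "/"); if (p[np] != "ssh") next   # only ssh client processes
        cnt = 0; dest = ""
        for (i = 2; i <= NF; i++) {
            if ($i !~ /^-./) {              # non-option word
                if (dest != "") break       # second one starts the remote command
                dest = $i; continue
            }
            for (j = 2; j <= length($i); j++) {
                c = substr($i, j, 1)
                if (index(ARGOPTS, c) == 0) continue   # flag without argument (N, f, ...)
                arg = substr($i, j + 1)     # argument attached, as in -L2222:...
                if (arg == "") { i++; arg = $i }       # or given as the next word
                if (c == "L" || c == "R") { fk[++cnt] = c; fs[cnt] = arg }
                break
            }
        }
        for (k = 1; k <= cnt; k++) emit(fk[k], fs[k], dest)
    }'
}

# Constructed sample input: the two commands from this page plus three made-up lines.
sample_lines() {
    cat <<'EOF'
ssh -L 2222:192.168.4.109:22 -Nf 192.168.4.72
ssh -Nf -R 9906:localhost:22 192.168.4.189
/usr/bin/ssh -NfL0.0.0.0:8080:10.0.0.5:80 -p 2200 jump.example
ssh 192.168.4.72 ls -L /tmp
sshd: root@pts/0
EOF
}

sample_lines | ssh_forwards
```

On a live system, feed it with `ps -eo args | ssh_forwards`. A bind address other than "default" means the forwarded port may be reachable from other machines and is worth reviewing.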
SSH tunneling learning Summary