Practice of SSH Intranet port forwarding

Practice of SSH Intranet port forwarding
GuideAs we all know, SSH is a secure transmission protocol, which is used on many connected servers. However, in addition to this function, its tunnel forwarding function is even more attractive.

If the linux servers between the two Intranets need to log on to each other, or need to access a port in the Intranet, worry that there is no public IP address, you can use ngrok (https://ngrok.com/), but not convenient, we only need two SSH commands.

The main character of this article, two SSH commands:

Remote port forwarding (a port of the remote server is forwarded to the port of the Local intranet server) ssh-CfNg-R (Key to the command line) 2222 (remote server port): 127.0.0.1: 22 (local port) 123.45.67.8 (Remote Server)

Local port forwarding (forwarding from a port on the local Intranet server to a remote server port) ssh-CfNg-L (command line key) 2222 (remote server port): 0.0.0.0: 4444 (local port) 123.45.67.8 (Remote Server)

Command line options:

-C: compressed data transmission. -F: the user/password for background authentication. It is usually used with-N and does not need to be logged on to the remote host. -N: do not execute scripts or commands, usually used with-f. -G: In the-L/-R/-D parameter, the remote host is allowed to connect to the established forwarding port. If this parameter is not added, only the local host is allowed to establish a connection. -L local port: Target IP Address: Target Port-T is not allocated. TTY is used only for proxy in-q quiet mode, and error/warning information is not output.

Port Number of the internal machine to be accessed by the remote machine (Port: 22)

After clarifying the above parameters, we use the following command to establish a remote SSH tunnel and execute

ssh   -CfNg -R 2222:127.0.0.1:22  123.45.67.8

Now, we can log on to the machine with the Intranet IP address 192.168.0.100 by using the following command on the machine with the IP address of 123.45.67.8.

ssh -p 2222 localhost

Now the host 123.45.67.8 of the Public ip Address can access the Intranet server locally. How can I log on to the Intranet client ?, We only need to map port 4444 of the Intranet client to port 2222 of 123.45.67.8.

Now we need local forwarding.

ssh  -CfNg   -L  2222:0.0.0.0:4444   123.45.67.8

After the execution, port 4444 of the Local intranet client is connected to port 2222 of port 123.45.67.8, and port 2222 of port 123.45.67.8 is connected to port 22 of the Intranet server, become a complete ing chain.

Address: http://www.linuxprobe.com/ssh-network.html