SSH Intranet Port Forwarding combat

Guide

As we all know, SSH is a secure transport protocol, which is more used in connecting servers. But in addition to this function, its tunnel forwarding function is more attractive.

If the two intranet between the Linux server need to log in with each other, or need to access a port in the intranet, worry that there is no public network IP, you can use the method has Ngrok (https://ngrok.com/), but not convenient, we need only two SSH command.
first, give the protagonist of this article, two SSH commands:

Remote port forwarding (forwarded to the Local intranet server port by a remote server port)

ssh   -cfng-  R (key to the command line)   2222 (remote server port): 127.0.0.1:22 (Local port)   123.45.67.8 (remote server) 

Local port forwarding (forwarded to a remote server port by a local intranet server port)

ssh   -cfng-  L (key to the command line)    2222 (remote server port): 0.0.0.0:4444 (Local port)   123.45.67.8 (remote server) 

command line option explanation:

-C: Compressed data transfer. -
F: Background authenticated user/password, usually used with-n without logging on to the remote host. -
N: script or command is not executed, and is usually used with-F. -
G: In the-l/-r/-d parameter, the remote host is allowed to connect to the established forwarding port, and if this parameter is not added, only the local host is allowed to establish a connection.
-L Local Port: Destination IP: Destination Port-
t not assigned TTY only do agent in
-Q Quiet mode, do not output error/warning information

Port number of internal machines that need to be accessible to remote machines (ports: 22)

After clear the above parameters, we use the following command to establish a remote SSH tunnel, in the intranet host execution

SSH   -cfng-r 2222:127.0.0.1:22  123.45.67.8

Now, in the IP is 123.45.67.8 machine we use the following command to login intranet IP for 192.168.0.100 machine.

Ssh-p 2222 localhost

Now the public network IP 123.45.67.8 host can be local access to the intranet service end, that intranet client how to land it. , we only need to map the intranet client's 4444 port to the 123.45.67.8 2222 port.

Now we need to forward it locally.

SSH  -cfng-   l  2222:0.0.0.0:4444   123.45.67.8

After execution, the local intranet client 4444 port has already connected with the 123.45.67.8 2222 port, then 123.45.67.8 's 2222 port and the intranet service end 22 port connection, becomes a complete mapping chain.

This article is reproduced from: http://www.linuxprobe.com/ssh-network.html

Free to provide the latest Linux technology tutorials Books, for the open source technology enthusiasts to do more and better: http://www.linuxprobe.com/Author: Shi, auditor