Tunnelling Using SSH

Port Forwarding, a kind of Tunnelling, is a common trick to work around certain undesirable network topology. A bunch of software can do the trick, but why not make use of your pre-installed ssh?

Port Forwarding, a kind of Tunnelling, is a common trick to work around certain undesirable network topology. A bunch of software can do the trick, but why not make use of your pre-installed SSH?

Suppose there are four computers called Client, Listener, Agent and Server. What we want is that Client can connect Listener and Agent will finally reach Server.

[Client] --> [Listener:portL]  <==SSH==>  [Agent] --> [Server:portS]

Important assumption: We have full access to the middle two computers Listener and Agent.

(Client is whom you allow to use the tunnel, and it can be a wildcard IP 0.0.0.0 so anyone may use it. But you need to configure a security option. We will discuss the detail later.)

We have got two way to establish SSH (see fig. 1):

  1. Local Tunnelling, Listener will "ssh" to Agent
  2. Remote Tunnelling, Agent will "ssh" to Listener
Fig. 1 Local Tunnelling and Remote Tunnelling

So basically Local or Remote means "who is Listener". It will be rather useful if either Listener or Agent is in a private network so it has no public IP address to be connected to. Because now you have options for two directions to establish SSH. Besides that, they are the same.

Local Tunnelling:

root@listener $ ssh agent  -L client:portL:server:portS

Remote Tunnelling:

root@agent $ ssh listener  -R client:portL:server:portS

If we want to allow anyone to use this tunnel, a wildcard address "0.0.0.0" should be used as Client i.e. 0.0.0.0:portL:server:portS. But not enough. We need to change the configuration in /etc/ssh/sshd_config:

GatewayPorts yes

and restart sshd service.

systemctl restart sshd

Enjoy.

"Surprise"