Friday, March 14, 2008

Remote Port Forwarding over SSH

Consider the following scenario. You have a remote machine that you have access to, and you have enough control to bind a process to an arbitrary port. You also have a workstation that isn't exposed to the outside world, but you would like to access this workstation from outside of your LAN/firewall. Sure you can setup a VPN, configure port forwarding on your router, etc... As usual, there are lots of solutions, but not many are as cool as this quick little ssh hack.

On your workstation:

ssh -Nf -R 9000:localhost:22 username@publicserver.com

This assumes you can bind to port 9000 via the loopback on the remote server and that you're running sshd on port 22 on your local workstation. Now you drive to the local coffeehouse, and you need to hop on your Linux box at home...

Log into publicserver.com:

ssh -p 9000 username@localhost

In this case, username is your account on your workstation behind the firewall.

Thanks to Nate G. for this tip.

No comments: