SSH Port Forwarding


Introduction

SSH port forwarding is useful when you cannot reach a server, service, or device directly, but you do have SSH access to a host that can reach it.

Example Scenario

You -> Server1 (10.0.0.1) -> DesiredWebServer(200.0.0.1)

Due to firewalls or routing, you can't reach the Desired Web Server, but you have SSH access to Server1.

Using SSH port forwarding, you can access the Desired Web Server transparently.

Command

Build SSH Tunnel:
ssh lamoni@10.0.0.1 -L 2000:200.0.0.1:80 -N

Or to run the SSH tunnel in the background:
ssh lamoni@10.0.0.1 -L 2000:200.0.0.1:80 -N -f

The format of the command is:
ssh yourusernametoServer1@Server1IPorHostname -L LocalPort:DesiredWebServerIPorHostname:RemotePort -N

After running the command, you can now browse to http://localhost:2000 on your computer and reach DesiredWebServer.
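
Added example (not part of the original article): shell helper functions that wrap the tunnel command above with an explicit loopback bind, a forwarding-failure check, and a control socket so a backgrounded tunnel can be checked and closed. The function names and the socket path are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not the article's code. Function names and the
# control-socket path are assumptions made for illustration.

# Accept only decimal TCP port numbers in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Build the -L argument with an explicit loopback bind address, so the
# forwarded port is reachable only from this machine.
forward_spec() {
    lport=$1 dest=$2 dport=$3
    valid_port "$lport" && valid_port "$dport" || { echo "bad port" >&2; return 1; }
    [ -n "$dest" ] || { echo "missing destination" >&2; return 1; }
    printf '127.0.0.1:%s:%s:%s\n' "$lport" "$dest" "$dport"
}

# One control socket per local port (hypothetical location).
ctl_path() { printf '%s/.ssh/tunnel-%s.sock\n' "$HOME" "$1"; }

# tunnel_open user@jump local_port dest_host dest_port
#   -N  no remote command, forwarding only
#   -f  go to background after authentication
#   -M -S  master mode with a control socket, used below to manage the tunnel
#   ExitOnForwardFailure=yes  fail instead of backgrounding a dead tunnel
tunnel_open() {
    spec=$(forward_spec "$2" "$3" "$4") || return 1
    ssh -f -N -M -S "$(ctl_path "$2")" \
        -o ExitOnForwardFailure=yes -L "$spec" "$1"
}

# tunnel_status / tunnel_close: local_port user@jump
tunnel_status() { ssh -S "$(ctl_path "$1")" -O check "$2"; }
tunnel_close()  { ssh -S "$(ctl_path "$1")" -O exit "$2"; }

# Usage with the article's hosts:
#   tunnel_open lamoni@10.0.0.1 2000 200.0.0.1 80
#   tunnel_status 2000 lamoni@10.0.0.1
#   tunnel_close 2000 lamoni@10.0.0.1
```

Closing the tunnel through the control socket avoids hunting for the background ssh process that -f leaves behind.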

Notes

You can use this for any service; I just chose HTTP since it was simple. One issue that can arise when doing this for HTTP is that the HTML generated by the web server may contain absolute URLs in the links it sends back. If this is the case, you'll have to constantly change the URL from whatever the hardcoded URI is to localhost:2000.