@rudolfovich
Forked from ashrithr/ssh_tunneling.md
Created August 10, 2020 18:53

Revisions

  1. @ashrithr ashrithr revised this gist Oct 5, 2014. 1 changed file with 8 additions and 0 deletions.
    8 changes: 8 additions & 0 deletions ssh_tunneling.md
    @@ -20,6 +20,14 @@ ssh -L 9999:localhost:9999 host1 ssh -L 9999:localhost:1234 -N host2

    This will open a tunnel from localhost to host1 and another tunnel from host1 to host2. However the port 9999 to host2:1234 can be used by anyone on host1. This may or may not be a problem.

    Another Example:

    Assume you have you have a web server running on 10.1.0.93 in a private network on port 80 which is reachable by a gateway server 198.1.1.34, here is how to open the ssh tunnel:

    ```
    ssh -L 80:localhost:80 [email protected] -t ssh -L 80:localhost:80 [email protected]
    ```

    Example SSH Config:

    ```
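
    Review bot: Both forwards in the added command bind port 80 (`-L 80:localhost:80`), a privileged port, so the example only works when ssh runs as root on the client and again on the intermediate host; an unprivileged local port such as `-L 8080:localhost:80` on each hop avoids that. The listener the inner command opens on the intermediate host is usable by any local user there, the same caveat the preceding paragraph gives for host1, and it should be repeated for this example. The sentence above the command duplicates "you have", and `-t` allocates a terminal that a forwarding-only session does not need; `-N` on the inner command, as in the earlier multi-hop example, would match the intent.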
  2. @ashrithr ashrithr revised this gist Jun 20, 2014. 1 changed file with 29 additions and 1 deletion.
    30 changes: 29 additions & 1 deletion ssh_tunneling.md
    @@ -18,4 +18,32 @@ Tunnel from localhost to host1 and from host1 to host2:
    ssh -L 9999:localhost:9999 host1 ssh -L 9999:localhost:1234 -N host2
    ```

    This will open a tunnel from localhost to host1 and another tunnel from host1 to host2. However the port 9999 to host2:1234 can be used by anyone on host1. This may or may not be a problem.
    This will open a tunnel from localhost to host1 and another tunnel from host1 to host2. However the port 9999 to host2:1234 can be used by anyone on host1. This may or may not be a problem.

    Example SSH Config:

    ```
    Host cwg
    HostName 198.0.218.179
    Port 22
    User root
    IdentityFile ~/.ssh/id_rsa
    # Access cw sync on localhost:9292
    # Enable: ssh -f -N cw_tunnel
    Host cw_tunnel
    HostName 198.0.218.179
    User root
    IdentityFile ~/.ssh/id_rsa
    LocalForward 9292 127.0.0.1:9292
    # auto tunelling to securehost (remote host) via jumphost (gateway)
    # we tell ssh that when it establishes a connection to securehost to do so using
    # the stdin/stdout of the ProxyCommand as a transport. The ProxyCommand then tells
    # the system to first ssh to our bastion host and open a netcat connection to host
    # %h (hostname supplied to ssh) on port %p (port supplied to ssh).
    Host jumphost
    ProxyCommand none
    Host securehost
    ProxyCommand ssh jumphost -W %h:%p
    ```
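
    Review bot: The `cw_tunnel` entry logs in as `User root` only to carry `LocalForward 9292 127.0.0.1:9292`; nothing in that block needs root, so a dedicated unprivileged account would limit what the key in `~/.ssh/id_rsa` can do on 198.0.218.179. In the comment above `Host jumphost`, "open a netcat connection" does not match the `ProxyCommand ssh jumphost -W %h:%p` line: `-W` is ssh's own stdio forwarding and no netcat is involved, so the comment should say that, and "tunelling" should read "tunnelling". `Host jumphost` and `Host securehost` carry no `HostName`, so the example only works where those names already resolve, which deserves a one-line comment.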
  3. @ashrithr ashrithr created this gist Jun 20, 2014.
    21 changes: 21 additions & 0 deletions ssh_tunneling.md
    @@ -0,0 +1,21 @@
    ###Single hop tunelling:

    ```
    ssh -f -N -L 9906:127.0.0.1:3306 [email protected]
    ```

    where,
    * `-f` puts ssh in background
    * `-N` makes it not execute a remote command

    This will forward all local port 9906 traffic to port 3306 on the remote dev.example.com server

    ###Multi-Hop Tunelling:

    Tunnel from localhost to host1 and from host1 to host2:

    ```
    ssh -L 9999:localhost:9999 host1 ssh -L 9999:localhost:1234 -N host2
    ```

    This will open a tunnel from localhost to host1 and another tunnel from host1 to host2. However the port 9999 to host2:1234 can be used by anyone on host1. This may or may not be a problem.
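
    Review bot: The closing paragraph states that port 9999 on host1 "can be used by anyone on host1" but gives the reader no way to avoid it; reaching host2 through host1 with `ProxyCommand ssh host1 -W %h:%p` and forwarding from the client only would leave no listener on host1. The option list under the single-hop command explains `-f` and `-N` but not `-L 9906:127.0.0.1:3306`, the flag that does the forwarding; add a bullet giving the local-port:host:remote-port order. CommonMark requires a space after `###` for the two headings to render, and "tunelling" is misspelled in both.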