Did you know that SSH can make your host as a proxy server?
SSH#
Connecte to the remote host with SSH:
1# ssh <user-name>@<host-ip>
2# example
3ssh alpaca@192.168.0.2
4# the default port of SSH is 22, or you can use the parameter "-p" to specify the ssh port of the remote host.
Local port forwarding (TCP port / Unix socket forward)#
Forward local TCP Port or Unix Socket with parameter “-L”.
1-L [bind_address:]port:host:hostport
2-L [bind_address:]port:remote_socket
3-L local_socket:host:hostport
4-L local_socket:remote_socket
Specifies that connections to the given TCP port or Unix socket on the local (client) host are to be for-warded to the given host and port, or Unix socket, on the remote side.
1# example
2ssh -L 8877:192.168.0.101:7766 alpaca@192.168.0.102
In the example above, it will forward the connections that given in arg(192.168.0.102) from local port 8877 to remote server port 7766 , and compelete the progress.
Reverse tunneling#
It’s used in the same way as Local port forwarding (-L), just reverse.
1-R [bind_address:]port:host:hostport
2-R [bind_address:]port:local_socket
3-R remote_socket:host:hostport
4-R remote_socket:local_socket
5-R [bind_address:]port
Specifies that connections to the given TCP port or Unix socket on the remote (server) host are to be forwarded to the local side.
1# example
2ssh -R 192.168.0.101:7766:localhost:8085 alpaca@192.168.0.102
It will forward the traffic from 192.168.0.101:7766 to localhost:8085.
If it’s not working#
Probably is because of permission denied.
Go to check the file /etc/ssh/sshd_config on ssh server, and find the option GatewayPorts, set it yes.
(If it’s annotated, uncomment it first, or can’t find the option, just add it by yourself.)
And don’t forget to restart the ssh server.
Make the host a proxy server with SSH (Dynamic Tunneling)#
In SSH commands, we can use parameter “-D” to make a tunnel between local host and remote server.
Specifies a local “dynamic” application-level port forwarding.
For example:
1# ssh <user-name>@<host-ip> [-D [bind_address:]port]
2# example
3ssh alpaca@123.123.123.123 -D 1234
We made a tunnel that connects host 123.123.123.123, and port of tunnel is 1234.
Now, we can take localhost:1234 as a proxy server. (That can forward for our connection to 123.123.123.123:22.)
