Sunday, February 24, 2008

SSH through SSH tunnel

I had a problem of having the ports on my lab machine blocked to external connections by a firewall. In other words, I couldn't connect to my lab machine's ssh server from home. But I had ssh access to the firewall. So I created a ssh tunnel to my lab machine as follows:

$ ssh -fN -L 9500:my.lab.machine:22 myfirewalllogin@the.firewall.machine
This will create a ssh tunnel in the background through the firewall machine and maps my lab machine's ssh port (22) to my localhost's port 9500 (can be any higher ports).

Now I can create the ssh connection to my lab machine as if it is in my local host:
$ ssh -p 9500 mylablogin@localhost

If you want to do scp files you can do similar but with -P (capital P) instead -p.
$ scp -P 9500 mylablogin@localhost:labfiles localdir

Anybody can figure it out my carefully reading the ssh man page ;-) and this approach works for accessing any remote, behind-the-firewall applications (mail server, rsync, etc.)

3 comments:

stefan said...

This saved my day - many thanks

Unknown said...
This comment has been removed by the author.
Unknown said...

This post is the closest thing I found to solve my problem, but I'm not exactly there.... myabe you can help me?

I have three servers, A, B and C. There is an SSH tunnel between A and B. Now I want a second SSH tunnel between A and C passing through B, so that B can hide A's IP and show its own to C instead.

Do you have any ideas on how it can be done?

Thanks so much!
Chris