SSH port forwarding | SSH Tunnel (Forward & Reverse)


Linux, Security, SSH

In this tutorial Guide we will learn about

  • SSH Port Forwarding
  • Different Types of Forwarding
  • Practical examples to create SSH Tunnel and access HTTP web server in Linux
  • Verify SSH Tunnel using tcpdump
  • Close SSH Tunnel

 

What is SSH Port Forwarding

  • SSH port forwarding or tunneling allows you to forward otherwise insecure TCP traffic inside a secure SSH tunnel from local to destination server.
  • Protocols such as FTP, POP3, SMTP, HTTP, TELNET, and others can all be forwarded inside this SSH tunnel
  • This will provide increased security features such as encryption and authentication that may not otherwise be supported.
  • You must create a new SSH connection to establish the tunneling, you can not use any existing SSH connection

SSH port forwarding | SSH Tunnel (Forward & Reverse)

 

Type of SSH Port Forwarding?

There are three types of port forwarding mechanisms between local and remote host:

  • Local Port Forwarding: Create a local port that is connected to a remote service.
  • Remote Port Forwarding: Forward a port on a remote server on the Internet to a local port
  • Dynamic Port Forwarding: A SOCKS client connects via TCP, and indicates via the protocol the remote socket it wants to reach

 

1: Local Port Forwarding

  • This allows you to forward a port from your localhost server (ssh_client) to a port on target remote server (ssh_server)
  • The basic syntax would be ssh -L sourceHost:sourcePort:forwardToHost:onPort connectToHost
  • Here the first field sourceHost would be the localhost using on which you will enable the Port Forward
  • The second field is sourcePort using which you will connect to the remoteHost and remotePort
  • The third field is the forwardToHost i.e. the server to which you want to forward the request. You can also put localhost in this field (as it is the localhost of remoteHost)
  • The fourth field is the onPort section i.e. the port to which the request has to be forwarded
  • Lastly provide the server (connectToHost) to which you want to create the secure SSH Tunnel

From the man page of SSH:

-f	Requests ssh to go to background just before command execution. 
-N      Do not execute a remote command.  This is useful for just forwarding ports

-L local_socket:remote_socket

       Specifies that connections to the given TCP port or Unix socket on the local (client) host are to be forwarded to the
       given host and port, or Unix socket, on the remote side.  This works by allocating a socket to listen to either a TCP
       port on the local side, optionally bound to the specified bind_address, or to a Unix socket.  Whenever a connection is
       made to the local port or socket, the connection is forwarded over the secure channel, and a connection is made to
       either host port hostport, or the Unix socket remote_socket, from the remote machine.

 

1.1: Example-1: Setup Local Port Forwarding with two servers

  • This is the basic and most used Local port Forwarding where we forward the traffic on a port 5555 from localhost (server1) to a port 80 on target host server3
  • In this example I have a web server running on port 80 on server3.
  • I will configure port 5555 to be used to forward the traffic from localhost (server1) to server3 on port 80 in secure SSH Tunnel

SSH port forwarding | SSH Tunnel (Forward & Reverse)

 

1.1.1: Create SSH tunnel for HTTP server

Use SSH client on server1 (our localhost) to create a secure tunnel towards server3. The -L option specifies local forwarding, in which the TCP client is on the local machine with the SSH client.

[root@server1 ~]# ssh -f -N -L localhost:5555:server3:80 root@server3

Make sure the SSH process is still active:

[root@server1 ~]# ps -ef | grep ssh
root      1170     1  0 10:20 ?        00:00:00 /usr/sbin/sshd -D
root      1426  1170  0 10:21 ?        00:00:01 sshd: root@pts/1
root      2242  1170  0 12:31 ?        00:00:00 sshd: root@pts/0
root      2384     1  0 12:53 ?        00:00:00 ssh -f -N -L localhost:5555:server3:80 root@server3
root      2386  1430  0 12:53 pts/1    00:00:00 grep --color=auto ssh

 

1.1.2: Verify the SSH Tunnel

Next we will try to connect to our apache server on server3 using curl and curl is able to connect to server3:80 using the server1:5555

[root@server1 ~]# curl  http://localhost:5555
My test site

More information can be collected from tcpdump which is running on server3. This shows that the curl request was served using SSH secure Tunnel even when the requested port was 80

[root@server3 ~]# tcpdump -i enp0s8 port 22
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp0s8, link-type EN10MB (Ethernet), capture size 262144 bytes
12:53:28.032073 IP server1.53464 > server3.ssh: Flags [P.], seq 29797146:29797230, ack 547702480, win 329, options [nop,no,TS val 8905005 ecr 8902932], length 84
12:53:28.032108 IP server3.ssh > server1.53464: Flags [.], ack 84, win 295, options [nop,nop,TS val 8909252 ecr 8905005], ength 0
12:53:28.032430 IP server3.ssh > server1.53464: Flags [P.], seq 1:45, ack 84, win 295, options [nop,nop,TS val 8909253 ecr8905005], length 44
12:53:28.032854 IP server1.53464 > server3.ssh: Flags [P.], seq 84:200, ack 45, win 329, options [nop,nop,TS val 8905006 er 8909253], length 116
12:53:28.033570 IP server3.ssh > server1.53464: Flags [P.], seq 45:337, ack 200, win 295, options [nop,nop,TS val 8909254 cr 8905006], length 292
12:53:28.044939 IP server1.53464 > server3.ssh: Flags [P.], seq 200:236, ack 337, win 349, options [nop,nop,TS val 8905018ecr 8909254], length 36
12:53:28.045130 IP server3.ssh > server1.53464: Flags [P.], seq 337:409, ack 236, win 295, options [nop,nop,TS val 8909265ecr 8905018], length 72
12:53:28.045599 IP server1.53464 > server3.ssh: Flags [P.], seq 236:272, ack 409, win 349, options [nop,nop,TS val 8905019ecr 8909265], length 36
12:53:28.085911 IP server3.ssh > server1.53464: Flags [.], ack 272, win 295, options [nop,nop,TS val 8909306 ecr 8905019],length 0

 

1.1.3: Close Local Forwarding Tunnel

To close the secure SSH Tunnel we must kill the SSH process which was created to forward the PORT.

[root@server1 ~]# kill -9 2384

 

1.2: Example-2: Setup Local Port Forwarding with three servers

In this example we will have three servers. Here server1 does not has direct access to server3 so it will use server1 server2 to connect to the webserver on server3.

We will forward the port request from server1:5555 to server2 using secure SSH Tunnel which will further connect server3:80 to fetch the request.

SSH port forwarding | SSH Tunnel (Forward & Reverse)

1.2.1: Create SSH Tunnel

Create Local Forwarding port on your localhost (server1) using SSH client. You can also ignore mentioning localhost in this command as that is the default behaviour, I have written here just for the sake of explanation

[root@server1 ~]# ssh -f -N -L localhost:5555:server3:80 root@server2

Make sure the SSH process is active which means our tunnel is created

[root@server1 ~]# ps -ef | grep ssh
root      1170     1  0 10:20 ?        00:00:00 /usr/sbin/sshd -D
root      1426  1170  0 10:21 ?        00:00:01 sshd: root@pts/1
root      2242  1170  0 12:31 ?        00:00:00 sshd: root@pts/0
root      2380     1  0 12:51 ?        00:00:00 ssh -f -N -L localhost:5555:server3:80 root@server2
root      2382  1430  0 12:51 pts/1    00:00:00 grep --color=auto ssh

 

1.2.2: Verify the SSH Tunnel

We will use curl to connect to our webserver on server3:80 from server1 using localhost:5555. So the curl tool was successfully able to fetch the webserver's index page.

[root@server1 ~]# curl  http://localhost:5555
My test site

You can check the tcpdump capture on server3 This shows the secure tunnel communication between server1 and server2 and further server2 will connect to server3 to connect to the webserver.

[root@server3 tmp]# tcpdump -i enp0s8 port 22 or 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp0s8, link-type EN10MB (Ethernet), capture size 262144 bytes
12:59:04.138042 IP server1.60638 > server2.ssh: Flags [P.], seq 2758738467:2758738551, ack 379740010, win 289, options [nop,nop,TS val 9241111 ecr 5849726], length 84
12:59:04.138269 IP server2.ssh > server1.60638: Flags [.], ack 84, win 273, options [nop,nop,TS val 5891823 ecr 9241111], length 0
12:59:04.144056 IP server2.53650 > server3.http: Flags [S], seq 2208701817, win 29200, options [mss 1460,sackOK,TS val 5891829 ecr 0,nop,wscale 7], length 0
12:59:04.144073 IP server3.http > server2.53650: Flags [S.], seq 2805768777, ack 2208701818, win 28960, options [mss 1460,sackOK,TS val 9245364 ecr 5891829,nop,wscale 7], length 0
12:59:04.148666 IP server2.53650 > server3.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 5891833 ecr 9245364], length 0
12:59:04.148672 IP server2.ssh > server1.60638: Flags [P.], seq 1:45, ack 84, win 273, options [nop,nop,TS val 5891834 ecr 9241111], length 44
12:59:04.148790 IP server1.60638 > server2.ssh: Flags [.], ack 45, win 289, options [nop,nop,TS val 9241122 ecr 5891834], length 0
12:59:04.148917 IP server1.60638 > server2.ssh: Flags [P.], seq 84:200, ack 45, win 289, options [nop,nop,TS val 9241122 ecr 5891834], length 116
12:59:04.149100 IP server2.53650 > server3.http: Flags [P.], seq 1:79, ack 1, win 229, options [nop,nop,TS val 5891834 ecr 9245364], length 78: HTTP: GET / HTTP/1.1
12:59:04.149118 IP server3.http > server2.53650: Flags [.], ack 79, win 227, options [nop,nop,TS val 9245370 ecr 5891834], length 0
12:59:04.149546 IP server3.http > server2.53650: Flags [P.], seq 1:254, ack 79, win 227, options [nop,nop,TS val 9245370 ecr 5891834], length 253: HTTP: HTTP/1.1 200 OK

 

1.2.3: Close Local forwarding Tunnel

To close the secure SSH Tunnel, go ahead and kill the respective SSH process which we created earlier:

[root@server1 ~]# kill -9  2380

 

1.3: Example-3: Setup Local Port Forwarding with Gateway Ports

  • In OpenSSH, by default, only the host running the SSH client can connect to locally forwarded ports.
  • This is because ssh listens only on the machine’s loopback interface for connections to the forwarded port; i.e., it binds the socket (localhost,5555), a.k.a. (127.0.0.1,5555), and not (server1,8080).
  • So, in the preceding example, only server1 can use the forwarding
  • However, ssh for OpenSSH has a command-line option, -g, that disables this restriction, permitting any host to connect to locally forwarded ports:
  • The client configuration (ssh_config) keyword GatewayPorts also controls this feature; the default value is no, whereas yes does the same thing as -g

SSH port forwarding | SSH Tunnel (Forward & Reverse)

 

1.3.1: Create SSH Tunnel with Gateway Port

We will also use -g with our existing SSH command to create the SSH Tunnel. Also if you observe, I have removed "locahost" and have used ":5555" which signifies all the host can be matched

[root@server1 ~]# ssh -g -f -N -L :5555:server3:80 root@server3

Make sure the SSH process is still active for the respective command:

[root@server1 ~]# ps -ef | grep ssh
root      1170     1  0 10:20 ?        00:00:00 /usr/sbin/sshd -D
root      1426  1170  0 10:21 ?        00:00:01 sshd: root@pts/1
root      2242  1170  0 12:31 ?        00:00:00 sshd: root@pts/0
root      2423     1  0 13:01 ?        00:00:00 ssh -g -f -N -L :5555:server3:80 root@server3
root      2425  1430  0 13:03 pts/1    00:00:00 grep --color=auto ssh

 

1.3.2: Verify the Local Port Forwarding

We will use curl command from server2 this time to check if it can connect to server3 using port 5555 from the secure tunnel

[root@server2 ~]# curl http://server1:5555
My test site

So the server2 was successfully able to connect to server3:80 and also to the webserver using forwarding port server1:5555

The tcpdump output from server3 shows that the connection was established between server1 and server3 using secure tunnel to get the HTTP request. You can extend the tcpdump to search for host server2 to get packet details from respective host. Since the tunnel is between server1 and server3 only, we do not see server2 related details here.

[root@server3 tmp]# tcpdump -i enp0s8 port 22 or 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp0s8, link-type EN10MB (Ethernet), capture size 262144 bytes
13:01:40.344612 IP server1.53480 > server3.ssh: Flags [P.], seq 2488865116:2488865208, ack 1385274191, win 309, options [nop,nop,TS val 9397318 ecr 9390459], length 92
13:01:40.344639 IP server3.ssh > server1.53480: Flags [.], ack 92, win 295, options [nop,nop,TS val 9401565 ecr 9397318], length 0
13:01:40.346140 IP server3.ssh > server1.53480: Flags [P.], seq 1:45, ack 92, win 295, options [nop,nop,TS val 9401566 ecr 9397318], length 44
13:01:40.346422 IP server1.53480 > server3.ssh: Flags [.], ack 45, win 309, options [nop,nop,TS val 9397320 ecr 9401566], length 0
13:01:40.346507 IP server1.53480 > server3.ssh: Flags [P.], seq 92:208, ack 45, win 309, options [nop,nop,TS val 9397320 ecr 9401566], length 116
13:01:40.347088 IP server3.ssh > server1.53480: Flags [P.], seq 45:337, ack 208, win 295, options [nop,nop,TS val 9401567 ecr 9397320], length 292
13:01:40.347943 IP server1.53480 > server3.ssh: Flags [P.], seq 208:244, ack 337, win 329, options [nop,nop,TS val 9397321 ecr 9401567], length 36
13:01:40.348239 IP server3.ssh > server1.53480: Flags [P.], seq 337:409, ack 244, win 295, options [nop,nop,TS val 9401569 ecr 9397321], length 72
13:01:40.348453 IP server1.53480 > server3.ssh: Flags [P.], seq 244:280, ack 409, win 329, options [nop,nop,TS val 9397322 ecr 9401569], length 36
13:01:40.389600 IP server3.ssh > server1.53480: Flags [.], ack 280, win 295, options [nop,nop,TS val 9401610 ecr 9397322], length 0

 

1.3.3: Close SSH Tunnel

Close the SSH Tunnel To close the Local forwarding port, you can go ahead and kill the SSH process which we created earlier to start the tunnel from server1

[root@server1 ~]# kill -9 2423

 

2: Remote port forwarding

  • A remotely forwarded port is just like a local one, but the directions are reversed
  • This time the TCP client is remote, its server is local, and a forwarded connection is initiated from the remote machine.
  • Remote port forwarding is less common and can be used to connect to a local port that cannot be reached from the internet, to a port on the server that is available on the internet
  • The -R option specifies remote forwarding. It is followed by three values, separated by colons as before but interpreted slightly differently.

From the man page of SSH

-R [bind_address:]port:host:hostport
-R [bind_address:]port:local_socket
-R remote_socket:host:hostport
-R remote_socket:local_socket

             Specifies that connections to the given TCP port or Unix socket on the remote (server) host are to be
             forwarded to the given host and port, or Unix socket, on the local side.  This works by allocating a
             socket to listen to either a TCP port or to a Unix socket on the remote side.  Whenever a connection is
             made to this port or Unix socket, the connection is forwarded over the secure channel, and a connection
             is made to either host port hostport, or local_socket, from the local machine.

 

The syntax to perform Reverse Port Forwarding would be ssh -R bindAddress:remotePort:forwardToHost:onPort connectToHost

  • The first field is the bind address on localhost. By default, TCP listening sockets on the server will be bound to the loopback interface only
  • The second field is the remotePort which which will be used to connect to the destination port i.e. 80.
  • The third field is for forwardToHost i.e. the hostname or IP of the server to which you wish to connect as part of forwarding
  • The fourth field is the onPort to which the forwarding should happen on the "forwardToHost"
  • Lastly provide the server details towards which the SSH Tunnel should be created

SSH port forwarding | SSH Tunnel (Forward & Reverse)

 

2.1: Create SSH Tunnel for Remote Port Forwarding

I have a web server with apache on port 80 running on server3. Now in the earlier examples:

with Local Port Forwarding we forward request from server1:5555 to server3:80

Now we will do the opposite i.e.

with Remote Port Forwarding we forward request from server3:80 to server1:5555

Create SSH Tunnel on server3

[root@server3 ~]# ssh -f -N -R localhost:5555:server3:80 root@server1

Make sure the SSH process with the above command is still running

[root@server3 ~]# ps -ef | grep ssh
root      5711     1  0 10:22 ?        00:00:01 sshd: root@pts/0
root      9500     1  0 11:10 ?        00:00:00 /usr/sbin/sshd -D
root     11151  9500  0 12:09 ?        00:00:00 sshd: root@notty
root     13638     1  0 15:46 ?        00:00:00 ssh -f -N -R 5555:server3:80 root@server1
root     13642  5799  0 15:46 pts/0    00:00:00 grep --color=auto ssh

 

2.2: Verify SSH Tunnel setup

Verify SSH Tunnel Next we will use curl from server1 to connect to server3 using port 5555

[root@server1 ~]# curl  http://localhost:5555
My test site

The connection was successful

With tcpdump running on server3 we can check the secure SSH Tunnel was used for the curl request from server1 to server3

[root@server3 ~]# tcpdump -i enp0s8 port 22 or 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp0s8, link-type EN10MB (Ethernet), capture size 262144 bytes
15:48:05.749405 IP server1.ssh > server3.48228: Flags [P.], seq 3747952798:3747952890, ack 3457506699, win 258, options [nop,nop,TS val 19382722 ecr 19296856], length 92
15:48:05.749429 IP server3.48228 > server1.ssh: Flags [.], ack 92, win 291, options [nop,nop,TS val 19386970 ecr 19382722], length 0
15:48:05.750020 IP server3.48228 > server1.ssh: Flags [P.], seq 1:45, ack 92, win 291, options [nop,nop,TS val 19386970 ecr 19382722], length 44
15:48:05.750314 IP server1.ssh > server3.48228: Flags [.], ack 45, win 258, options [nop,nop,TS val 19382723 ecr 19386970], length 0
15:48:05.750506 IP server1.ssh > server3.48228: Flags [P.], seq 92:208, ack 45, win 258, options [nop,nop,TS val 19382724 ecr 19386970], length 116
15:48:05.751491 IP server3.48228 > server1.ssh: Flags [P.], seq 45:337, ack 208, win 291, options [nop,nop,TS val 19386972 ecr 19382724], length 292
15:48:05.752605 IP server1.ssh > server3.48228: Flags [P.], seq 208:244, ack 337, win 281, options [nop,nop,TS val 19382726 ecr 19386972], length 36
15:48:05.752926 IP server3.48228 > server1.ssh: Flags [P.], seq 337:409, ack 244, win 291, options [nop,nop,TS val 19386973 ecr 19382726], length 72
15:48:05.753338 IP server1.ssh > server3.48228: Flags [P.], seq 244:280, ack 409, win 281, options [nop,nop,TS val 19382727 ecr 19386973], length 36
15:48:05.793709 IP server3.48228 > server1.ssh: Flags [.], ack 280, win 291, options [nop,nop,TS val 19387014 ecr 19382727], length 0

 

2.3: Close SSH Tunnel

To close the SSH Tunnel we must kill the SSH process which is running on our server3

[root@server3 ~]# ps -ef | grep 5555
root     13638     1  0 15:46 ?        00:00:00 ssh -f -N -R 5555:server3:80 root@server1

The PID mapped to the SSH Tunnel is 13638, we will use kill with -9 interrupt signal for the respective PID

[root@server3 ~]# kill -9 13638

 

3: Dynamic Port Forwarding

  • Let's say we need a quick way to exit our network bypassing the firewall settings.
  • Our server1 normally has access to HTTP server running on server3
  • But due to recent firewall policy we can reach server3 host, to access the web server
  • To overcome this problem we can use Dynamic Port Forwarding or SOCKS Forwarding SOCKS is a small protocol, defined in RFC-1928.
  • A SOCKS client connects via TCP, and indicates via the protocol the remote socket it wants to reach; the SOCKS server makes the connection, then gets out of the way, transparently passing data back and forth.
  • Thereafter, it is just as if the client had connected directly to the remote socket.

SSH port forwarding | SSH Tunnel (Forward & Reverse)

From the man page of SSH

-D [bind_address:]port

             Specifies a local “dynamic” application-level port forwarding.  This works by allocating a socket to lis‐
             ten to port on the local side, optionally bound to the specified bind_address.  Whenever a connection is
             made to this port, the connection is forwarded over the secure channel, and the application protocol is
             then used to determine where to connect to from the remote machine.  Currently the SOCKS4 and SOCKS5 pro‐
             tocols are supported, and ssh will act as a SOCKS server.  Only root can forward privileged ports.
             Dynamic port forwardings can also be specified in the configuration file.

 

The syntax to use Dynamic Port Forwarding would be:

ssh -f -N -D [bind_address:]port connectToHost
  • Here in the first field there is no need to explicitly mention the bind_address, just provide the local port to be forwarded in the second field
  • That’s because the destination is determined dynamically, and can be different for each connection.
  • Replace connectToHost with the server towards which you want to create the secure tunnel

 

3.1: Create SSH Tunnel

Before we create SSH Tunnel, let me show you server1 was by default allowed to connect to apache server on server3 using port 80

[root@server1 ~]# curl http://server3:80
My test site

But then we introduce iptables rule to block port 80 in the OUTPUT chain on server1

[root@server1 ~]# iptables -A OUTPUT -p tcp --dport 80 -j DROP

Now if we try to access the apache server from server3, curl will time out while trying to establish the connection

[root@server1 ~]# curl --connect-timeout 5 http://server3:80
curl: (28) Connection timed out after 5000 milliseconds

So we create Dynamic Port Forwarding SSH Tunnel from server1 to server3 using a random port 8080. You can choose any other port of your choice.

[root@server1 ~]# ssh -f -N -D 8080 root@server3

Verify the SSH process from this command

[root@server1 ~]# ps -ef | grep ssh
root      1170     1  0 10:20 ?        00:00:00 /usr/sbin/sshd -D
root      1426  1170  0 10:21 ?        00:00:01 sshd: root@pts/1
root      2242  1170  0 12:31 ?        00:00:00 sshd: root@pts/0
root      2611     1  0 16:24 ?        00:00:00 ssh -f -N -D 8080 root@server3
root      2613  1430  0 16:25 pts/1    00:00:00 grep --color=auto ssh

 

3.2: Verify SSH Tunnel setup

Verify the SSH Tunnel setup Now we will try to use SOCKS proxy to connect to the apache server from server3:80 using server1:8080

[root@server1 ~]# curl --proxy socks5h://localhost:8080  http://server3:80
My test site

The curl connection was successful with SOCKS proxy

The tcpdump output on server3 shows that the curl connection happened within the secure SSH Tunnel over port 22

[root@server3 ~]# tcpdump -i enp0s8 port 22
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp0s8, link-type EN10MB (Ethernet), capture size 262144 bytes
16:27:04.659233 IP server1.53544 > server3.ssh: Flags [P.], seq 2051346850:2051346934, ack 679515067, win 349, options [nop,nop,TS val 21721632 ecr 21664654], length 84
16:27:04.659249 IP server3.ssh > server1.53544: Flags [.], ack 84, win 295, options [nop,nop,TS val 21725880 ecr 21721632], length 0
16:27:04.659651 IP server3.ssh > server1.53544: Flags [P.], seq 1:45, ack 84, win 295, options [nop,nop,TS val 21725880 ecr 21721632], length 44
16:27:04.660067 IP server1.53544 > server3.ssh: Flags [P.], seq 84:192, ack 45, win 349, options [nop,nop,TS val 21721633 ecr 21725880], length 108
16:27:04.660454 IP server3.ssh > server1.53544: Flags [P.], seq 45:337, ack 192, win 295, options [nop,nop,TS val 21725881 ecr 21721633], length 292
16:27:04.661356 IP server1.53544 > server3.ssh: Flags [P.], seq 192:228, ack 337, win 369, options [nop,nop,TS val 21721634 ecr 21725881], length 36
16:27:04.661590 IP server3.ssh > server1.53544: Flags [P.], seq 337:409, ack 228, win 295, options [nop,nop,TS val 21725882 ecr 21721634], length 72
16:27:04.661957 IP server1.53544 > server3.ssh: Flags [P.], seq 228:264, ack 409, win 369, options [nop,nop,TS val 21721635 ecr 21725882], length 36
16:27:04.702875 IP server3.ssh > server1.53544: Flags [.], ack 264, win 295, options [nop,nop,TS val 21725923 ecr 21721635], length 0

You can also configure your Mozilla Firefox to use SOCKS Proxy by modifying the Proxy configuration under Network Settings

 

3.3: Close SSH Tunnel

To close the Dynamic Port Forwarding SSH Tunnel we must kill the SSH process which we created earlier on server1

[root@server1 ~]# ps -ef | grep ssh
root      2611     1  0 16:24 ?        00:00:00 ssh -f -N -D 8080 root@server3
root      2613  1430  0 16:25 pts/1    00:00:00 grep --color=auto ssh

In this case, kill the process PID 2611 to close the tunnel

[root@server1 ~]# kill -9 2611

 

Conclusion

Understand SSH Port Forwarding concept can be little tricky for beginners and it may take some time to be able to use it in real time environments. The examples which I have used in this tutorial to explain different types of forwarding are based on private network whereas these are used also in public network with network firewalls. But the end usage would be same so you can learn regarding the usage from these examples.

In this tutorial we learned about different types of SSH port Forwarding, I intentionally didn't explained other scenarios in Remote Port Forwarding similar to Local as that would just extend the article while the usage remains same for both.

You can also try to setup forwarding in your environment and let me know your suggestions or feedback using the comment section from this article.

 

References

I have used below external references for this tutorial guide
Proxies and Tunnels: Mastering Bash
Ubuntu Linux for Dummies
SSH The Secure Shell
Next Generation SSH2 Implementation

 

Deepak Prasad

Deepak Prasad

He is the founder of GoLinuxCloud and brings over a decade of expertise in Linux, Python, Go, Laravel, DevOps, Kubernetes, Git, Shell scripting, OpenShift, AWS, Networking, and Security. With extensive experience, he excels in various domains, from development to DevOps, Networking, and Security, ensuring robust and efficient solutions for diverse projects. You can connect with him on his LinkedIn profile.

Can't find what you're searching for? Let us assist you.

Enter your query below, and we'll provide instant results tailored to your needs.

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

Buy GoLinuxCloud a Coffee

For any other feedbacks or questions you can send mail to admin@golinuxcloud.com

Thank You for your support!!

Leave a Comment