

You do need to include the -g option as well if you want other hosts to be able to connect via your ssh tunnel.

Create a Dynamic application-level port forwarding (socks proxy basically) with your SSH tunnel, and then point your applications through this one.

The -L option -L port:host:hostport will let you use any valid IP address on the local system to bind to. If you have additional IP address space on the network your ssh client is connected to you could even assign a secondary address to your Ethernet interface and use one of your real IPs, and then set up entries in your DNS if you wanted other systems to be able to use your SSH tunnel. Then you should be able to connect to my.tunnel.name:4321 from your local machine. So if you connect like this
ssh -g -L 127.1.2.3:4321:localhost:28017
And your hosts file has a line like this. In my SSH configuration on my admin workstation I have many tunnels configured so that they bind to some address in the loopback range, and I have entries in my hosts file so I open up many tunnels in parallel using the same port and distinguish between them via name. Then simply set up a host entry that maps a name to the loopback address that you used so foo.bar maps to 127.1.2.3. So instead of binding to port 4321 you could bind to 127.1.2.3:4321. You can assign a name by using the fact your loopback adapter will basically respond to any address in the 127.0.0.0/8 network. Create a normal user account (who is allowed to su or sudo) and SSH in as that user. Security Side Note: Never never never set up a server where root can SSH in! Serious security flaw. You will then be able to type "localhost:1234" (for example) into the browser and it will connect to the service running on the remote server on port 1234. If you just have the one server, you tunnel into it with the Dynamic connection, set your proxy. It sounds like you just have the one server, but I wanted to be sure this was clear. If a browser running on server A could not connect to Server B (if the process on Server B only listens on 127.0.0.1) then you still couldn't connect. So if you tunnel into Server A, and want to connect to server B, you type into your browser whatever address you would type into a Browser running on Server A.
Then point your browser's proxy to localhost:1234. But you have to type a hostname/ip and port into the browser as if the browser were running on the machine the SSH Server is on. This will open a port on your local computer to which you can point the Proxy setting of your Browser and allow you to use the tunnel as a proxy server. What is possible however is to establish a Dynamic connection with the SSH Server. Using a name is now not necessary, since the browser is for remote server sites only.

I can set this up as a proxy in my browser and the browser will treat any request to localhost:anyport as if it was made on the remote server. Thanks to the provided answers and comments the port forwarding works now using Is this possible with ssh? I've read the man pages and googled around for two days now, but it does not seem to work.
