How to open port via SSH tunnel?

There is a system B with the following open servers: I have a web server listening on port 80 and an ssh server listening on 22. However, only port 22 is publicly available. Now, I would like to create some kind of tunnel, so that I can access B:80 from A. However, my client computer A that would like to connect to the system B is not publicly open, either.

So, all I have is a client computer A from where I would like to access the server B and, there, an open port 22. On A, no port is open or can be opened.

What (I think) I would need is to open locally (on A) some port that connects in some way through port 22 of B to port 80 on B.

Is this possible without using any man-in-the-middle open servers with multiple ports?

1

2 Answers

(Note: Jakuje answered while I was composing my answer. It's more elaborate from the start, so I'm posting it anyway.)


If I get you right, all you need is to forward a local port through SSH. I assume you have SSH access to B.

Linux command to run on A:

ssh -NL 2345:127.0.0.1:80 B

Now you can connect to port 2345 on A and it should be equivalent to connecting to port 80 on B from B itself.

A few remarks:

  • -N causes ssh not to execute a command on the remote (B) side; perfect for port forwarding.
  • The number 2345 is arbitrarily chosen; it may be any number from 1024 to 65535 (binding to a port lower than 1024 usually requires root access). If you happen to hit an already occupied port, then try another number.
  • The 127.0.0.1 address I used requires your web server on B to listen on the loopback interface. If it listens on some other address(es) only, use it instead. This address should be a valid address of your server as seen from within the system B. It doesn't matter at all what this address means to A nor if it means something in the first place.
  • If you need computer C to connect to the 2345 forwarded port on A then you should get familiar with the ssh -g option. Read man ssh.
1

Use local port forwarding:

ssh -L 80:localhost:80 B

and then connect to localhost:80. The connection will be forwarded to B's port 80.

1
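Added example, not part of either answer: a shell check of an ssh -L forward spec that applies the first answer's remarks (local ports below 1024 usually need root; -g opens the forwarded port to other hosts) to both answers' commands. The function names lint_forward and is_port are hypothetical; the check assumes the OpenSSH client default GatewayPorts=no and does not handle bracketed IPv6 literals.

```shell
#!/bin/sh
# Added example: lint an `ssh -L` spec before running it on A.
# Usage: lint_forward [bind_address:]port:host:hostport [g]   ("g" = ssh run with -g)
# Returns 0 = loopback-only and unprivileged, 1 = needs attention, 2 = malformed.
# Not handled: bracketed IPv6 literals.
is_port() {
    case $1 in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

lint_forward() {
    spec=$1 gflag=${2:-} rc=0
    case $spec in
        *:*:*:*:*) echo "malformed: too many fields"; return 2 ;;
        *:*:*:*)   has_bind=yes; bind=${spec%%:*}; rest=${spec#*:} ;;
        *:*:*)     has_bind=no;  bind=;            rest=$spec ;;
        *)         echo "malformed: expected [bind_address:]port:host:hostport"; return 2 ;;
    esac
    lport=${rest%%:*}; rest=${rest#*:}
    host=${rest%%:*};  hport=${rest#*:}
    if ! is_port "$lport" || ! is_port "$hport" || [ -z "$host" ]; then
        echo "malformed: ports must be 1-65535 and host non-empty"; return 2
    fi
    if [ "$lport" -lt 1024 ]; then
        echo "local port $lport is below 1024: binding it on A usually requires root"; rc=1
    fi
    # Who can reach the listener on A? An explicit bind_address wins;
    # otherwise assume the ssh_config default GatewayPorts=no unless -g is given.
    if [ "$has_bind" = yes ]; then
        case $bind in
            localhost|127.*) scope=loopback ;;
            ''|'*')          scope="all interfaces" ;;
            *)               scope="address $bind" ;;
        esac
    elif [ "$gflag" = g ]; then scope="all interfaces"
    else scope=loopback
    fi
    case $scope in
        loopback) echo "listener on A is loopback-only: only processes on A can use it" ;;
        *) echo "listener on A accepts connections on $scope: those peers reach $host:$hport as seen from B"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample specs: the forwards from the two answers, then the -g case.
lint_forward 2345:127.0.0.1:80   || true
lint_forward 80:localhost:80     || true
lint_forward 2345:127.0.0.1:80 g || true
```

When a second machine really does need the forward, an explicit bind_address on one interface of A keeps the listener narrower than -g.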
