fix formatting on old articles
This commit is contained in:
parent
a1df2a48f3
commit
6f0c6a1f75
|
@ -10,9 +10,7 @@ However, what if you don't want to, *or can't*, directly open ports onto your ho
|
|||
|
||||
SSH remote port forwarding is built right into ssh itself, and is quite simple:
|
||||
|
||||
```
|
||||
ssh -R 5505:localhost:4404 user@remote.host
|
||||
```
|
||||
ssh -R 5505:localhost:4404 user@remote.host
|
||||
|
||||
When this command is run on the local server, it will:
|
||||
+ create an ssh connection to the remote server, as per usual
|
||||
|
@ -39,14 +37,14 @@ Then, create a script for your ssh port forwarding. I placed mine directly in th
|
|||
|
||||
Here is my example of a script that you could use:
|
||||
|
||||
#!/bin/sh
|
||||
#!/bin/sh
|
||||
|
||||
PORTS="8080 25565"
|
||||
DEST="bridge@remote.host"
|
||||
SSH_PORT="22"
|
||||
IDENTITY_FILE="~/.ssh"
|
||||
PORTS="8080 25565"
|
||||
DEST="bridge@remote.host"
|
||||
SSH_PORT="22"
|
||||
IDENTITY_FILE="~/.ssh"
|
||||
|
||||
/usr/bin/ssh -nNT $(echo $PORTS | awk -v host=$LOCALHOST '{for (i = 1; i <= NF; i++){ printf "-R %d:%s:%d ",$i,host,$i}}') -p $SSH_PORT -i $IDENTITY_FILE $DEST
|
||||
/usr/bin/ssh -nNT $(echo $PORTS | awk -v host=$LOCALHOST '{for (i = 1; i <= NF; i++){ printf "-R %d:%s:%d ",$i,host,$i}}') -p $SSH_PORT -i $IDENTITY_FILE $DEST
|
||||
|
||||
Next you'd want to run this script as a service. Check your distro's service system how to do this if you have any trouble.
|
||||
|
||||
|
@ -56,17 +54,17 @@ Say that the script you made was `/home/bridge/tunnel.sh`, you should create a u
|
|||
|
||||
To do this create the following file in `/home/bridge/.config/systemd/user/tunnel.service`:
|
||||
|
||||
[Unit]
|
||||
Description=SSH tunnel
|
||||
[Unit]
|
||||
Description=SSH tunnel
|
||||
|
||||
[Service]
|
||||
ExecStart=/home/bridge/tunnel.sh
|
||||
RestartSec=5
|
||||
Restart=always
|
||||
KillMode=mixed
|
||||
[Service]
|
||||
ExecStart=/home/bridge/tunnel.sh
|
||||
RestartSec=5
|
||||
Restart=always
|
||||
KillMode=mixed
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
|
||||
Then enable and start the service with: `systemd --user enable tunnel.service` and `system --user start tunnel.service`. Ensure that it is running with `systemd --user status tunnel`
|
||||
|
||||
|
@ -82,7 +80,7 @@ Say you forwarded traffic from port 8080 on remote to port 80 on local, you coul
|
|||
|
||||
Here is an example of this in practice, forwarding port 80 and 443, by forwarding ports 8080 and 8443:
|
||||
|
||||
/usr/bin/ssh -nT -R 8443:localhost:443 -R 8080:localhost:80 -i $IDENTITY_FILE -p $SSH_PORT $DEST "(sudo socat TCP-LISTEN:80,fork TCP:localhost:8080) & sudo socat TCP-LISTEN:443,fork TCP:localhost:8443"
|
||||
/usr/bin/ssh -nT -R 8443:localhost:443 -R 8080:localhost:80 -i $IDENTITY_FILE -p $SSH_PORT $DEST "(sudo socat TCP-LISTEN:80,fork TCP:localhost:8080) & sudo socat TCP-LISTEN:443,fork TCP:localhost:8443"
|
||||
|
||||
However this command assumes that the remote user has access to sudo with **NO PASSWORD**. Alternatively you could create a similar service (this time as a system service) on the remote server running the socat commands.
|
||||
|
||||
|
|
Loading…
Reference in New Issue