davidovski
/
davidovski
mirror of https://git.davidovski.xyz/davidovski.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix formatting on old articles

This commit is contained in:
davidovski 2023-07-26 20:04:37 +02:00
parent a1df2a48f3
commit 6f0c6a1f75
2 changed files with 26 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
site/entries/ssh_forwarding.html
View File

@ -10,9 +10,7 @@ However, what if you don't want to, *or can't*, directly open ports onto your ho
SSH remote port forwarding is built right into ssh itself, and is quite simple:
```
ssh -R 5505:localhost:4404 user@remote.host
```
ssh -R 5505:localhost:4404 user@remote.host
When this command is run on the local server, it will:
+ create an ssh connection to the remote server, as per usual
@ -39,14 +37,14 @@ Then, create a script for your ssh port forwarding. I placed mine directly in th
Here is my example of a script that you could use:
#!/bin/sh
#!/bin/sh
PORTS="8080 25565"
DEST="bridge@remote.host"
SSH_PORT="22"
IDENTITY_FILE="~/.ssh"
PORTS="8080 25565"
DEST="bridge@remote.host"
SSH_PORT="22"
IDENTITY_FILE="~/.ssh"
/usr/bin/ssh -nNT $(echo $PORTS | awk -v host=$LOCALHOST '{for (i = 1; i <= NF; i++){ printf "-R %d:%s:%d ",$i,host,$i}}') -p $SSH_PORT -i $IDENTITY_FILE $DEST
/usr/bin/ssh -nNT $(echo $PORTS | awk -v host=$LOCALHOST '{for (i = 1; i <= NF; i++){ printf "-R %d:%s:%d ",$i,host,$i}}') -p $SSH_PORT -i $IDENTITY_FILE $DEST
Next you'd want to run this script as a service. Check your distro's service system how to do this if you have any trouble.
@ -56,17 +54,17 @@ Say that the script you made was `/home/bridge/tunnel.sh`, you should create a u
To do this create the following file in `/home/bridge/.config/systemd/user/tunnel.service`:
[Unit]
Description=SSH tunnel
[Unit]
Description=SSH tunnel
[Service]
ExecStart=/home/bridge/tunnel.sh
RestartSec=5
Restart=always
KillMode=mixed
[Service]
ExecStart=/home/bridge/tunnel.sh
RestartSec=5
Restart=always
KillMode=mixed
[Install]
WantedBy=default.target
[Install]
WantedBy=default.target
Then enable and start the service with: `systemd --user enable tunnel.service` and `system --user start tunnel.service`. Ensure that it is running with `systemd --user status tunnel`
@ -82,7 +80,7 @@ Say you forwarded traffic from port 8080 on remote to port 80 on local, you coul
Here is an example of this in practice, forwarding port 80 and 443, by forwarding ports 8080 and 8443:
/usr/bin/ssh -nT -R 8443:localhost:443 -R 8080:localhost:80 -i $IDENTITY_FILE -p $SSH_PORT $DEST "(sudo socat TCP-LISTEN:80,fork TCP:localhost:8080) & sudo socat TCP-LISTEN:443,fork TCP:localhost:8443"
/usr/bin/ssh -nT -R 8443:localhost:443 -R 8080:localhost:80 -i $IDENTITY_FILE -p $SSH_PORT $DEST "(sudo socat TCP-LISTEN:80,fork TCP:localhost:8080) & sudo socat TCP-LISTEN:443,fork TCP:localhost:8443"
However this command assumes that the remote user has access to sudo with **NO PASSWORD**. Alternatively you could create a similar service (this time as a system service) on the remote server running the socat commands.