February 26, 2018

SSH Port Forwarding example

In addition to my previous post about SSH tunneling. Here is another example of accessing web server in a restricted network. Plink.exe command-line tool will be used on Windows admin computer to access SSH Server.

C:\>plink.exe -L 8080: root@ 
In this scenario SSH server has a direct access to the Web Server via HTTP. After issuing the command above, client connects to SSH Server and all local connections to TCP port 8080 on Windows workstation are tunneled via SSH to Web Server’s TCP 80 port. So you are able to type http://localhost:8080 on Windows system and connect to Web Server behind 2 Firewalls.

In another scenario, SSH Server has only SSH access to Web Server. Thus a second tunnel is required in this case. One from Admin workstation to SSH Server and another one from SSH Server to Web Server.

C:\> plink.exe -L 8080:localhost:8080 root@
SSHServer# ssh -L 8080:localhost:80 root@
After running the commands above you will be able to access Web Server via browser by typing http://localhost:8080 address, when Web Server is located behind 2 Firewalls and only SSH is allowed during all packet travel.

No comments:

Post a Comment