- Setup redirecting 25 port to 2525 port for ens3 interface
iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 25 -j REDIRECT --to-port 2525
- Show config
sudo iptables -t nat -L -n -v
- Save config
sudo iptables-save
Note that if you use OpenSSH sshd server, the server's GatewayPorts option needs to be enabled (set to yes or clientspecified) for this to work (check file /etc/ssh/sshd_config on the server).
echo "GatewayPorts clientspecified" >> /etc/ssh/sshd_config
service ssh restart
- Gen sertificate files; if
~/.ssh/id_rsa
and~/.ssh/id_rsa.pub
already exist – use them
ssh-keygen -t rsa -b 16384
ssh-copy-id [-p 22] user@server
- Edit SSH client config
nano ~/.ssh/config
:
Host *
ServerAliveInterval 60
UseKeychain yes
Host HostAliasName
Hostname 123.123.123.123
Port 22
User username
Compression yes
PasswordAuthentication no
- Run with bind_address
ssh -R :2525:localhost:2525 -N HostAliasName
$ telnet fuck.xyz 25
Trying 123.123.123.123...
Connected to fuck.xyz.
Escape character is '^]'.
220 Come to daddy